> I have a cookie that times out after an hour for security reasons.
> About 1 out of 200 of my users send me an email saying they can't log
> into my site and I find out that it's usually because their clocks
> are off. Has anyone had any luck using the time on the client to set
> cookies by instead of server time? I hate using javascript for this
> but I don't see much choice.
Just use a session cookie (by not providing an expiry time) and add the
server's expiry timestamp to the value of the cookie. Then when you get
that cookie sent to you, check it against your server's time and make the
decision on whether to accept the cookie or not based on that.
That way you are immune from people not having their system clocks set
right.
-Rasmus
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
