>>
>> I want to prevent one from taking over a session from one who left the
>> site
>> and left his desk for a moment.
>>
>> What if that connection were two servers communicating together !?
>> Any crooked mind could then steal the latent session and start fire in
>> the
>> system(s).
>
>
On Tue, Mar 11, 2008 at 11:48 AM, Bill <[EMAIL PROTECTED]> wrote:
> Hum. Then we rely on JS to implement security with conections. And JS is
> anything but secure AFAIK.
>
> I want to prevent one from taking over a session from one who left the site
> and left his desk for a moment.
>
> What i
Hi
>> > socket open, then there are much smaller, simpler ways.
>>
>> Like what ?
>
>I meant as opposed to the session-handling method I sent in the
> other thread. However, you may want to look into having JavaScript
> handle the session-watching, and report to the server via AJAX calls
>
On Tue, Mar 11, 2008 at 9:01 AM, Bill <[EMAIL PROTECTED]> wrote:
> Hi Daniel,
>
>
> > on the site. If all you want to do is find out if they still have the
> > socket open, then there are much smaller, simpler ways.
>
> Like what ?
I meant as opposed to the session-handling method I sent i
Hi Daniel,
> on the site. If all you want to do is find out if they still have the
> socket open, then there are much smaller, simpler ways.
Like what ?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
On Mon, Mar 10, 2008 at 6:23 PM, Bill <[EMAIL PROTECTED]> wrote:
> At most I'll have a 30 secs. time lapse. (30 secs. is the default execution
> time for scripts)
>
> What do you think of that?
That could work for very short sessions, sure. This was for a
larger, longer, community-style sc
Hi Daniel,
>http://www.nabble.com/Logging-session-timeout-in-DB-to15845123.html
It can build a lot of stress on the server.
What if I use connection_aborted() ?
In the status line of the page I can write a 'connected' timer and use it to
check the connection !?
At most I'll have a 30 secs.
On Mon, Mar 10, 2008 at 4:32 PM, Bill <[EMAIL PROTECTED]> wrote:
> I didn't set any cookie so it must be the php session cookie.
> How can I check for the visitor's presence ?
> I can't set a timer or check for activity since the visitor can be studying
> an online document.
> I must rely on t
Hi Daniel,
>> Why if I connect from another machine, log in, and disconnect without
>> logging off, and return 5 mins later, my session is still alive ?
>
>A session only expires in three cases:
>a.) An explicit session_destroy() is sent.*
>b.) The user-side cookie with the s
On Mon, Mar 10, 2008 at 3:59 PM, Bill <[EMAIL PROTECTED]> wrote:
> Hi
>
> Ubuntu7.10 LAMP
>
> A PHP session destroys itself as soon as the client disconnects from the
> site.
>
> Why if I connect from another machine, log in, and disconnect without
> logging off, and return 5 mins later, my se
10 matches
Mail list logo
