Session Expiry/Times

[Mutley]

I've simply set some sessions....

 

		$_SESSION['LoggedIn'] = 1;
	$_SESSION['UserID'] = $row["UserID"];

 

They don't seem to last very long, usually when I close my browser and go back on later, they'll expire. I want them to last permanently unless the user logs out.

 

How do I do this?

 

Thanks in advance.

[PFMaBiSmAd]

By default, session variables last one browser session (the session cookie lifetime is set to zero so that the cookie is only held in the browser's cookie cache, which is deleted when the browser is closed.)

 

To make a session last longer requires that you both extend the session cookie lifetime setting and the session garbage collection maxlifetime setting. If you are on a shared web server you must also make the session save path point to a 'private' folder within your account's folder tree so that only your session settings affect your sessions.

 

The normal way this is accomplished is to use a regular cookie to just identify the visitor (using a unique and hard to guess and hard to produce value) and his logged in status is kept in your user table in the database.

[Rifts]

just use cookies instead of sessions

[Mutley]

just use cookies instead of sessions

 

I didn't think cookies were great for a login system though?

 

I thought sessions was the way forward.

[Rifts]

if you want to keep users logged in after they close their browser or move away from your page you should