Menu
Are sessions only kept alive each time you access a page with session_start(); or do other pages keep it alive too?
Example (with 30 minute timeout):
user accesses page with session_start();
25 mins later they access another session_start();
page session stays alive
user accesses page with session_start();
25 mins later they access a non-session_start(); page
session stays alive
Is 2 also true ?
762
Using ajax you can call a php script that refreshes your session every 10 minutes. :) This is as far as i can go to "exact". <? php session_start(); // store session data if (isset($_SESSION['id'])) $_SESSION['id'] = $_SESSION['id']; // or if you have any algo. ?>
If you want to keep the session even if the browser is closed then you need to use persistent cookies which are stored on the user computer rather than HTTP only cookies. Show activity on this post. The best way is to keep cookie in browser,but encrypted.
By default, session variables last until the user closes the browser. So; Session variables hold information about one single user, and are available to all pages in one application. Tip: If you need a permanent storage, you may want to store the data in a database.
Sessions are significantly safer than, say, cookies. But it is still possible to steal a session and thus the hacker will have total access to whatever is in that session. Some ways to avoid this are IP Checking (which works pretty well, but is very low fi and thus not reliable on its own), and using a nonce.
There is always a session cookie set in your browser whenever you access a page which has session_start(). The cookie name will PHPSESSID if the website is using PHP(although the name can be changed). This session cookie contains a session id which helps the browser to maintain that session with the server.
You can check manually by browsing any website which has your session and then delete your browser cookies, your session will be lost.
In your case both 1 & 2 are correct.
2 is correct because the user already has accessed a page which has session_start() and your session id will be set for the next 30 mins and it will be present even if you accesse a page which does not have a session.
NOTE: But the page which you will be visiting if contains session_destroy(), your session will be destroyed.
171
Calling session_start() merely gives your code access to the session.
What keeps the session alive is your browser sending the session id (stored in a cookie) to the server, whether you use it or not.
Answer: They are both true.
21
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
