会话 - 如何防止用户在不活动时退出? [英] Sessions - how can I prevent users being logged out when inactive?
问题描述
您好,
我的PHP数据库应用程序的用户抱怨它似乎偶尔会将它们记录下来。
。我实际上假设这是因为我使用会话变量来存储登录的令牌,因此它在某个时候已经闲置了
。
只有会话的基本知识我假设在会话数据被销毁之前有一些
的默认时间。
是这样吗?
我的调查显示
session.cookie_lifetime
指令,但在我的环境中默认值为0表示cookie
持续时间所以这不是我的问题。
另一个指令是
session.cache_expire
我哪不完全明白这是否会产生影响,但它可能会有b $ b。这默认为180分钟,所以我想也许用户在180分钟后退出了
。
作为实验,我尝试将此设置为1分钟(> session_cache_expire(1);),
但这样做,然后检查它是否设置了phpinfo()发现它
保持在180.所以我可以不要改变价值。
所以任何人都可以提供帮助。如果我必须设置
session.cache_expire
我是否必须在每个使用session_start的页面上设置它,或者我可以
只是在登录页面之后设置它,然后我设置的值将保留。
任何有关此事的帮助都表示赞赏。
亲切的问候
Dave
Hi there,
Users of my PHP DB application have complained that it seems to log them out
every now and then. I actually assume this is when it has been idle for
sometime as I use session variables to store a logged in token.
With only basic knowledge of sessions I assumed there was some kind of
default time before the session data is destroyed.
Is this the case?
My investigations revealed a
session.cookie_lifetime
directive but the default value of 0 as in my environment means the cookie
lasts for ever so this could not be my problem.
The other directive was
session.cache_expire
which I do not fully understand if this would have an effect or not but it
may do. This has a default of 180 mins so I thought maybe users are being
logged out after 180 mins.
As an experiment I tried setting this to 1 min (>session_cache_expire(1); ),
but doing this and then checking if it was set with phpinfo() found that it
stayed at 180. Therefore I could not change the value.
So can anyone help. If I do have to set the
session.cache_expire
do I have to set this on each page where a session_start is used, or can I
just set it after the login page, and then the value I set will remain.
Any help on this matter appreciated.
Kind regards
Dave
推荐答案
Dave Smithz写道:
Dave Smithz wrote:
嗨那里,
我的PHP数据库应用程序的用户抱怨它似乎已经将它们记录下来
然后。我实际上假设这是因为我使用会话变量来存储已登录的令牌时它已经闲置了
只有基本的会话知识,我认为有某种
会话数据被销毁之前的默认时间。
是这样的吗?
我的调查显示了
session.cookie_lifetime
指令但是在我的环境中默认值为0表示cookie永远持续,所以这可能不是我的问题。
另一个指令是
session.cache_expire
我不完全明白这是否会产生影响,但它可能会有效。这默认为180分钟,所以我认为用户可能会在180分钟后退出。
作为实验,我尝试将此设置为1分钟(> session_cache_expire(1); ),
但这样做,然后检查是否设置了phpinfo()发现它保持在180.因此我无法改变价值。
所以任何人都可以救命。如果我必须设置
session.cache_expire
我是否必须在每个使用session_start的页面上设置它,或者我可以在登录页面之后设置它,然后我设定的价值将保留。
任何有关此事的帮助表示赞赏。
亲切的问候
戴夫
Hi there,
Users of my PHP DB application have complained that it seems to log them out
every now and then. I actually assume this is when it has been idle for
sometime as I use session variables to store a logged in token.
With only basic knowledge of sessions I assumed there was some kind of
default time before the session data is destroyed.
Is this the case?
My investigations revealed a
session.cookie_lifetime
directive but the default value of 0 as in my environment means the cookie
lasts for ever so this could not be my problem.
The other directive was
session.cache_expire
which I do not fully understand if this would have an effect or not but it
may do. This has a default of 180 mins so I thought maybe users are being
logged out after 180 mins.
As an experiment I tried setting this to 1 min (>session_cache_expire(1); ),
but doing this and then checking if it was set with phpinfo() found that it
stayed at 180. Therefore I could not change the value.
So can anyone help. If I do have to set the
session.cache_expire
do I have to set this on each page where a session_start is used, or can I
just set it after the login page, and then the value I set will remain.
Any help on this matter appreciated.
Kind regards
Dave
session.cookie_lifetime = 0表示一旦浏览器关闭,cookie就会被删除,这会导致用户退出。
将其设置为另一个值(以秒为单位,使用ini_set())以保持用户
登录更长时间。但请注意,这并不确定,因为
用户使用你的cookie取决于他们。
micha
session.cookie_lifetime = 0 means the cookie will be deleted as soon as
the browser is closed, which logs the user out.
set it to another value (in sec''s, using ini_set()) to keep the user
logged in longer. but note that this is not sure fire because what the
users do with your cookie is up to them.
micha
" chotiwallah" < CH ********* @ web.de>在消息中写道
news:11 ********************* @ o13g2000cwo.googlegro ups.com ...
"chotiwallah" <ch*********@web.de> wrote in message
news:11*********************@o13g2000cwo.googlegro ups.com...
session.cookie_lifetime = 0表示一旦浏览器关闭就会删除cookie,这会将用户注销。
将其设置为另一个值(以秒为单位) s,使用ini_set())让用户更长时间登录。但请注意,这并不确定,因为
用户对你的cookie做了什么取决于他们。
session.cookie_lifetime = 0 means the cookie will be deleted as soon as
the browser is closed, which logs the user out.
set it to another value (in sec''s, using ini_set()) to keep the user
logged in longer. but note that this is not sure fire because what the
users do with your cookie is up to them.
是的你当然是在那里,但是在这种情况下,当用户没有关闭浏览器时,用户将被注销。实际上他们希望
如果他们关闭浏览器他们将被注销,这是更好的行为。
我需要防止在他们拥有的窗户上发生超时保持
打开(注意这个窗口确实使用框架,如果这有所不同)。
亲切的问候
Dave
Yes you are right there of course, but in this instance users are being
logged out when they have not closed the browser. In fact they expect that
if they close the browser they will be logged out which is better behaviour.
I need to prevent the time out occurring on a windows which they have kept
open (note this window does use frames if this makes a difference).
Kind regards
Dave
Dave Smithz写道:
Dave Smithz wrote:
" chotiwallah" < CH ********* @ web.de>在消息中写道
新闻:11 ********************* @ o13g2000cwo.googlegro ups.com ...
"chotiwallah" <ch*********@web.de> wrote in message
news:11*********************@o13g2000cwo.googlegro ups.com...
session .cookie_lifetime = 0表示一旦浏览器关闭就会删除cookie,这会将用户记录下来。
将其设置为另一个值(以秒为单位,使用ini_set ())让用户更长时间登录。但请注意,这并不确定,因为
用户对您的cookie做了什么取决于他们。
session.cookie_lifetime = 0 means the cookie will be deleted as soon as
the browser is closed, which logs the user out.
set it to another value (in sec''s, using ini_set()) to keep the user
logged in longer. but note that this is not sure fire because what the
users do with your cookie is up to them.
是的,你当然就在那里,但在这个例子中用户在他们没有关闭浏览器时正在退出。事实上,他们希望如果他们关闭浏览器,他们将被注销,这是更好的行为。
我需要防止在他们保持打开的窗户上发生超时(注意这个窗口确实使用框架,如果这有所不同)。
亲切的问候
戴夫
Yes you are right there of course, but in this instance users are being
logged out when they have not closed the browser. In fact they expect that
if they close the browser they will be logged out which is better behaviour.
I need to prevent the time out occurring on a windows which they have kept
open (note this window does use frames if this makes a difference).
Kind regards
Dave
帧可能会使差异:php启动单个脚本的会话,
不适用于浏览器窗口或整个域。这意味着每个使用会话的脚本都需要session_start()
调用。
另一个想法:你的登录验证用户''啜?如果是,请尝试没有它的
,因为如果您的用户的连接空闲,他们的
计算机可能会断开连接,然后再次从不同的IP连接,
使您的登录失效。
micha
frames might make a diference: php starts session for single scripts,
not for browser windows or whole domains. that means a session_start()
call is needed for every script that makes use of the session.
another thought: does your login validate the user''s ip? if yes, try
without it, because if your user''s connections are idle, their
computers might disconnect, and then connect from a differnet ip again,
which invalidates your login.
micha
这篇关于会话 - 如何防止用户在不活动时退出?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
