I want a "remember-me" cookie for my login form and get it work until I reopen the browser. I am using the Zend Framework 2 to get it done.
I set up a form with a checkbox and have this in my controller after validating the form:
$userSession = new Container("test");
$sessionManager = $userSession->getManager();
$sessionManager->rememberMe(1209600);
$sessionManager->start();
In the module.config.php I have the following settings for the session:
'session' => array(
'name' => 'Test_SESSION',
'save_path' => realpath('C:\xampp\htdocs\Workspace\test\data\session'),
'remember_me_seconds' => 1209600,
'cookie_lifetime' => 1209600,
'use_cookies' => true,
'cookie_httponly' => true,
),
And finally in module.php:
$session = new SessionConfig();
$session->setOptions($this->serviceLocator->get("config")["session"]);
I searched through the web for any advises and tried something, but at least when I close the browser the cookie is deleted. Firefox settings of deleting cookies were checked also, so they won't be automatically deleted. Does any one has a successful solution or hint?
Edit: When I take the code of newtake and add $sessionManager->rememberMe(); to it, the session is still alive after closing browser, but I can't login anymore even the login process is successfully done. Anyone heard from this curiosity?
Need setup SessionConfig to SessionManager. It is my config
'service_manager' => array(
'factories' => array(
'Zend\Session\SessionManager' => function ($sm) {
$sessionConfig = new \Zend\Session\Config\SessionConfig();
$sessionConfig->setOptions([
'use_cookies' => true,
'gc_maxlifetime' => 1728000,
'cookie_lifetime' => 1728000,
'name' => 'COOKIE_NAME',
]);
$sessionManager = new \Zend\Session\SessionManager($sessionConfig);
$sessionManager->start();
return $sessionManager;
}
)
)
Related
Working with the Yii framework in the config-file session storaged is handled as follows:
'session' => array(
//'sessionName' => 'SomeSession',
'class' => 'CDbHttpSession',
'connectionID' => 'SomeConnection',
'autoCreateSessionTable' => false,
'sessionTableName' => 'SomeTable',
'autoStart' => 'false',
'cookieMode' => 'only',
'useTransparentSessionID' => false,
'timeout' => CSESSIONTIMEOUT,
'cookieParams' => array(
'path' => '/',
'domain' => '.somedomain.extension',
'expire' => time()+5256000,
'lifetime' => time()+5256000,
//'httpOnly' => true,
),
),
So as you see sessions are stored in a table in a database with a given lifetime. But if I check the stored sessions in the database they are not stored with the given lifetime they are stored with a lifetime of a year.
The only thing I can find in our application that has a lifetime of a year are the cookies. For example like this:
setcookie("cookie_name", $someValue, time()+31536000, "/", "somedomain");
What is confusing for me are the cookies in our application. Could it be possible that this overrides the Yii session storage config?
UPDATE
I also came across this line of code
$_SESSION['POLL_'.$idPoll.'somekey'] = strtotime("now");
And that line of code inserted a session record in the database. But that record also has an lifetime of a year. How is this possible?
You need to add timeout param to config like this:
'session' => array(
'class' => 'CDbHttpSession',
'timeout' => 5256000,
// ...
Try Cookies Like this : -
if (isset($_POST['remember'])) {
$cookieUsername = new CHttpCookie('phoenix_admin_username', $_POST['LoginForm']['username']);
$cookiePassword = new CHttpCookie('phoenix_admin_password', base64_encode($_POST['LoginForm']['password']));
$cookieUsername->expire = time() + 604800;
$cookiePassword->expire = time() + 604800;
Yii::app()->request->cookies['phoenix_admin_username'] = $cookieUsername;
Yii::app()->request->cookies['phoenix_admin_password'] = $cookiePassword;
}
////////////Check like this//////////////
if(isset(Yii::app()->request->cookies['phoenix_admin_username'])){
$model->username = Yii::app()->request->cookies['phoenix_admin_username']->value;
$model->password = base64_decode(Yii::app()->request->cookies['phoenix_admin_password']->value);
}else{
$model->username = "";
$model->password = "";
}
I am working on optimizing Zend Framework Application with Doctrine ORM. I can't figure it out what particular code would I use in my controller to get this caching. Whenever I pass again the same url it should use the cache code instead of processing that logic again.
My Bootstrap file for cache looks like this:-
protected function _initCache() {
$frontendOptions = array(
'lifetime' => 7200, 'content_type_memorization' => true,
'default_options' => array(
'cache' => true,
'cache_with_get_variables' => true,
'cache_with_post_variables' => true,
'cache_with_session_variables' => true,
'cache_with_cookie_variables' => true, ),
'regexps' => array(
// cache the whole IndexController
'^/.*' => array('cache' => true),
'^/index/' => array('cache' => true),
// place more controller links here to cache them
)
);
$backendOptions = array(
'cache_dir' => APPLICATION_PATH ."/../cache" // Directory where to put the cache files
);
$cache = Zend_Cache::factory('Page', 'File', $frontendOptions, $backendOptions);
$cache->start();
Zend_Registry::set("cache", $cache);
}
Any help would be appreciated.
Check this below code to set cache if not exist or get cache if exists.
$result =””;
$cache = Zend_Registry::get('cache');
if(!$result = $cache->load('mydata')) {
echo 'caching the data…..';
$data=array(1,2,3); // demo data which you want to store in cache
$cache->save($data, 'mydata');
} else {
echo 'retrieving cache data…….';
Zend_Debug::dump($result);
}
I'm working on a web app using Slim, but I'm facing an issue with setting and persisting sessions.
Here is my index.php. I am trying to set a csrfToken key in the $_SESSION array, so that every request that is made through the app checks if the user has a csrfToken key, if not it will create one.
I'm just confused as to why it isn't persisting because on the next request it's gone. session_start is being called, it's being called automatically by '\Slim\Middleware\SessionCookie'.
Any ideas why this wouldn't be working? And would it be better to place this into middleware or use a hook?
use duncan3dc\Laravel\Blade;
use duncan3dc\Helpers\Env;
# TODO: Bootstrap the app. Move this to a seperate file. Dev only.
R::setup('mysql:host=localhost;dbname=somedb','user','pass');
$app = new \Slim\Slim(array(
'mode' => 'development',
'templates.path' => './views',
'cookies.encrypt' => true,
'cookies.secret_key' => 'mylongsecretkey',
'cookies.cipher' => MCRYPT_RIJNDAEL_256,
'cookies.cipher_mode' => MCRYPT_MODE_CBC
));
$app->add(new \Slim\Middleware\SessionCookie(array(
'expires' => '10 minutes',
'path' => '/',
'domain' => 'site.com',
'secure' => false, # Contact client to discuss using SSL
'httponly' => false,
'name' => '_sus',
'secret' => 'mylongsecretkey', # Do I need this twice?
'cipher' => MCRYPT_RIJNDAEL_256,
'cipher_mode' => MCRYPT_MODE_CBC
)));
# Not persisting ...
if(!isset($_SESSION['csrfToken']))
$_SESSION['csrfToken'] = hash("sha512",mt_rand(0,mt_getrandmax()));
# TODO: Bootstrap these.
require 'routes/index.php';
require 'routes/dashboard.php';
require 'routes/signup.php';
require 'routes/contactus.php';
require 'routes/privacypolicy.php';
require 'routes/testimonials.php';
require 'routes/login.php';
$app->run();
I figured out how to do it after reading more into hooks.
$app->hook('slim.before.router', function() use ($app){
if(!isset($_SESSION['csrfToken']))
$_SESSION['csrfToken'] = hash("sha512",mt_rand(0,mt_getrandmax()));
});
My Website is for internal purpose, I have checked in all request if user session is there or not. but it get expire if user is idle,
I have set session like.
$time = 18000;
$config = new \Zend\Session\Config\StandardConfig();
$config->setGcMaxlifetime($time);
$config->setGcDivisor(100);
$config->setGcProbability(1);
$config->setRememberMeSeconds($time);
$sessionManager = new \Zend\Session\SessionManager($config);
$sessionManager->rememberMe($time);
but also it is expire in some minutes, pls help me to solve this.
I have spend lots of time in googling, but doesn't find any solution.
In principle, I avoid using cookie.
I use ZF1 and here is my setup:
In your example, the terms are the same and I'm sure you can adapt:
Add repertory for save your session (see APPLICATION_PATH . '/../tmp' in the code)
// Production
'session' => array( 'use_cookies' => true,
'use_only_cookies' => true,
'use_trans_sid' => false,
'strict' => false,
'remember_me_seconds' => 0,
'name' => 'MyNameSessionSession',
'gc_divisor' => 1000,
'gc_maxlifetime' => 600,
'gc_probability' => 1,
//'save_path' => APPLICATION_PATH . '/../tmp', // Not for production
),
// For Dev (Session No Limit)
$appli['resources']['session']['remember_me_seconds'] = 0;
$appli['resources']['session']['gc_divisor'] = 10;
$appli['resources']['session']['gc_maxlifetime'] = 8600;
$appli['resources']['session']['gc_probability'] = 1;
$appli['resources']['session']['save_path'] = APPLICATION_PATH . '/../tmp';
I hope it will help you, otherwise I'm sorry, i could'nt help you
Good luck :)
I am trying to set the max life time of a session with the \Zend\Session\Container. To test it I put it to 1 sec.
Now I looked at the docs
So i did
$config = new StandardConfig();
$config->setOptions(array(
'remember_me_seconds' => 1,
));
$manager = new SessionManager($config);
$session = new Container('user', $manager);
But no success. Then I started googling and found this answer
So I made the config to
return array(
'session' => array(
'remember_me_seconds' => 2419200,
'use_cookies' => true,
'cookie_httponly' => true,
),
);
(the config worked and was loaded into the manager) but again no success
So I continued searching and found this answer
But again no success.
So after all the searching I couldn't get it working, so now I hope some one else got it working and can help me.
Well I finaly found out what the issue was.
The problem was that I used
$sessionConfig = new SessionConfig();
$sessionConfig->setOptions(array(
'use_cookies' => true,
'cookie_httponly' => true,
'gc_maxlifetime' => $config['authTimeout'],
));
$manager = new SessionManager($sessionConfig);
This "worked" the only issue was that there was set a cookie with the lifetime session. This ment different things in browsers. Ie in chrome it is destroyed if you close the tab, so no matter how high the gc_maxlifetime it would not work.
So an easy fix would be the following
$sessionConfig = new SessionConfig();
$sessionConfig->setOptions(array(
'use_cookies' => true,
'cookie_httponly' => true,
'gc_maxlifetime' => $config['authTimeout'],
'cookie_lifetime' => $config['authTimeout'],
));
$manager = new SessionManager($sessionConfig);
Hope it would help some one in the futue
$config['authTimeout'] is a positive integer value
$config = new StandardConfig();
$config->setOptions(array(
'cookie_lifetime' => '2419200',
'gc_maxlifetime' => '2419200'
));
Change the value of 2419200 to how many seconds you actually want.
In application global.php or you can do it in module config:
'session_config' => array(
'name' => 'your session name',
'remember_me_seconds' => 60 * 60 * 24 * 30*3,
'use_cookies' => true,
'cookie_httponly' => true,
),
check Zend\Session\Service\SessionConfig.