A cookie isn't being set on my computer. It works locally but not live. I only want the cookie to exist for 20 minutes. The only reason I can think of that it won't work is because the server is in the states. I am x hours ahead. Thus the cookie set time is already expired. Is this correct?
setcookie($cookiename, $cookie, time() + 1200);
If the server time is 6am and my time is 12pm. Would the cookie be set to expire at 6:20am or 12:20pm?
If it is the former, how do I set the cookie expiry time based on the users local time? If it is the later I will do some more trouble shooting on Monday.
I've had a similar problem in the past, the advice I was always given is to make sure cookies (if set in different time zones) have an expiration of a minimum of 25 hours. This enables anyone anywhere to utilise the cookie. In alot of cases an invalid cookie = no access = a big deal.
Modern computing has made reservations for this, and synchronised time will make sure cookies are always set in the users local time. That said, exceptions are still to be found.
20 minutes is a very short time to enable a cookie, consider increasing it. If the cookie is still not set locally, I would assume your browser has blocked incoming cookies from the server.
The time() function will get the server time, but I believe Cookies use GMT time.
Easiest way to get the GM time from PHP is to use:
<?php
$gmtime = gmdate('U');
?>
So you'd set the cookie like this:
setcookie($cookiename, $cookie, gmdate('U') + 1200);
Related
I'm wondering how long php sessions are stored in server memory.What if user logs in (sets session variables in server) and he keeps his browser open for a long time suppose 30 days and he reloads the page on the 31st day? Can browser access session variables(browser still has session cookie)?
Default php.ini sets the session expiration time to 30 minutes.
Check out these settings: session.gc_maxlifetime and session.cookie_lifetime
As long as the browser have the cookie stored, it doesn't matter if it is closed or is open.
If you want to store the session for lets say 30 days, you can add:
ini_set('session.gc_maxlifetime', 30*24*60*60);
ini_set('session.cookie_lifetime', 30*24*60*60);
Normally you would code as part of your session handling code a function for expiring sessions after some time has elapsed, so in that case it would't matter how long they left there browser open
I think this depends on what you have set in php.ini http://php.net/manual/en/function.session-set-cookie-params.php
By using $_SESSION['loggedin'] = true, my users will only be logged in until they close their browser.
How can I keep them logged in forever? (like Facebook or Stack Overflow)
First of all, you do need to set your session timeout to a longer length. I would be conservative and do 30 days, opposed to previously recommended time() * 9999999999999. Setting the session timeout to a long time will ensure that your session isn't deleted on browser close.
Second of all, you need to decide where to set this timeout. If you're only running one site from a specific server, just modify the php.ini file. You're looking for something called session.gc_maxlifetime.
Lastly, you must be cautious of doing this. Sites like Facebook and GitHub require you to reconfirm your password before making account-level changes. So, keep security in mind when setting long timeouts.
The default PHP session is 24 minutes.
You need to use
$_SESSION['timeout'] = time() * 9999999999999; // infinity
Make sure that you regenerate a session every now and then to protect against session stealing.
I am new to php , I came across cookie and persistent cookie and i understand the difference between them.My question is that how can i make cookie persistent or temporary.I found only one syntax for cookies
<?php
setcookie("user", "Alex Porter", time()+3600);
?>
Thanks
Phisically speaking, there is only one kind of cookie. You can make it persistent by choosing a large enough expiration time. If the expiration time is set to 0, the cookie will last only until your page is opened in the browser.
Your example cookie is persistent, it expires in one hour.
Here is a link with a short explanation.
Most likely you can hardly access the phisical cookie on your hard disk, because borwsers store them in their internal logic. For example Firefox store cookies in a local SQLite database file in the browser's profile folder.
When creating a cookie, 3rd argument (time()+3600 in your example) specifies cookie's expiry date.
time()+3600 means now+3600 seconds, which is 1 hour in the future. Time() function returns current time (unix time) in seconds.
There is no such thing as a really permanent cookie, more like expiring far in the future cookie.
I was creating my website when I created a new cookie with this php line :
setcookie('subscribed', 'true', time() + 365*24*3600*100, '/', null, false, true);
I realised my browser (Google Chrome) refused to get that cookie. When I looked at my cookies in Google Chrome it wasn't there. I started fiddling with the different settings until I saw that this worked :
setcookie('subscribed', 'true', time() + 365*24*360, '/', null, false, true);
Which meant that changing the expiration time to a lower value did work as a means of making this work.
My question is, what is the lowest expiration time you can set for a cookie in Google chrome? Does anyone know of this policy?
I have just tried that on a 64bit OS with Chrome as a browser and Apache as a server, and it works flawlessly. It shows the cookie's expiration time to be somewhere in the year 2113.
dev-null-dweller is probably right: Any date beyond 03:14:07 UTC on Tuesday, 19 January 2038 will wrap around to some time close to 1900, thus forcing the cookie to immediately disappear (on 32bit platforms, that is).
Work around this by setting cookie expiration times to be no more than 10 years in the future, or so. This is already beyond the reasonably expectable lifetime of any electronic device, which will hold it, anyways.
If someone is trying to understand why Chrome accepts cookie but sets max expire date to be shorter than expected, there was a change in Chrome 104 which sets max expire time to be no more than 400 days.
Limiting expiration date of cookies to 400 days works for expires and max-age js settings as well.
Assume other browsers will follow soon.
I was trying to set 3 years cookie expiration and got strange behavior, as had some cookies valid until 2038, hope this answer will save some time. BTW, for old cookies, set before v104, expiration date is not modified, at least for now.
Basically, a php session won't expire while a user is surfing on a website. But "while the user is surfing on the website" means that there are get and post requests. Nevertheless, i can't figure out if there has to be new requests, or if one active request is enough to maintain the session…
For instantce, i have a big file upload by post. It could then take hours. Will the session expire or not ?
The lifetime of a session depends on the ini setting session.gc-maxlifetime. Every access to the session (read and write) resets the timer. After the timeout, when the session garbage collector runs, the session values are destroyed.
The default value is 1440, which means 24 minutes. So if you have hits that access the session in any way at least every 24 minutes, the session values will stay.
If you need the session to stay alive longer than that, you can extend the timeout with ini_set (use before session_start()), for example:
ini_set('session.gc_maxlifetime', 24*60*60); // 24 hours
It shouldn't. Usually when I work with $_SESSION's, they last for a day or so. But it might on some servers. In that case you need to add cookies, too. With cookies you can exactly manipulate the time the person can be online for.