Changing dynamic cookie time in php session
Is there a way to change the dynamic lifetime in a cookie without using a session? I searched and I found that I have to set the cookie parameters first and then initialize the session with start_session()
.
/**
* Class to handle sessions in whole system
*/
class _session
{
protected $cn = null;
private $_sessionData;
private $_name = "";//name for session
private $_name_user = null;
function __construct($user)
{
$this->_name_user = $user;
$con = new _conecction();
$cn = $con->connect();
}
function checkActive()
{
session_name($this->_name);
if (!isset($_SESSION)) {
session_start();
}
$RS = $this->DBmgr->execute("
EXEC TP_SESION
@ACT = 'chkSession',
@SNAME = '".session_name().session_id()."',
@HASH = '". (isset($_SESSION['login_string'])?$_SESSION['login_string']:'NULL') . "'");
if($RS===false){
return false;
}else{
$SES = odbc_fetch_array($RS);
if($SES){
$this->DATA = array(
'_USER_ID' => $SES['codigo_usuario'],
'_USER_NAME' => $SES['usuario'],
'_USER_ADM' => $SES['es_administrador'],
'_EMP_ID' => $SES['codigo_empresa'],
'_EMP_NAME' => $SES['nombre'],
'_EMP_DB' => $SES['base_datos']
);
return true;
}else{
return false;
}
}
return false;
}
function start()
{
$secure = false;
$httponly = true;
ini_set('session.use_only_cookies', 1);//only cookies
$cookieParams = session_get_cookie_params();
session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly);
session_start();
session_regenerate_id(true);
$user_browser = $_SERVER['HTTP_USER_AGENT']; //Obtén el agente de usuario del usuario
$C_Usr = preg_replace("/[^0-9]+/", "", $C_Usr); //protección XSS ya que podemos imprimir este valor
$N_Usr = preg_replace("/[^a-zA-Z0-9_\-]+/", "", $N_Usr); //protección XSS ya que podemos imprimir este valor
$_SESSION['login_string'] = hash('sha512', $PWD.$C_Usr.$user_browser.$N_Usr);
$RS = $this->DBmgr->execute("
EXEC TP_SESION
@ACT = 'Start',
@IDUSR = $C_Usr,
@SNAME = '".session_name().session_id()."',
@HASH = '".$_SESSION['login_string']."'");
if($RS===false){
return false;
}else{
$SES = odbc_fetch_array($RS);
if($SES){
$this->DATA = array(
'_USER_ID' => $SES['codigo_usuario'],
'_USER_NAME' => $SES['usuario'],
'_USER_ADM' => $SES['es_administrador'],
'_EMP_ID' => NULL,
'_EMP_NAME' => NULL,
'_EMP_DB' => NULL
);
return true;
}else{
return false;
}
return false;
}
}
function close()
{
session_destroy();
}
private function getId()
{
return session_id();
}
function getNameCompany(){
return $this->DATA['_COMP_NAME_'];
}
function getUserId()
{
return $this->DATA['_USER_ID'];
}
function getUserId()
{
return $this->DATA['_USER_ID'];
}
function getIdCompany()
{
return $this->DATA['_ID_COMP'];
}
private function getSessionName()
{
return $this->_name;
}
private function setIdCompany($id)
{
$this->DATA['_ID_COMPANY_']
}
private function setLifeTime($time)
{
}
}
+3
source to share
1 answer
http://www.php.net/manual/en/session.configuration.php
You can change this constant in php.ini or .httpd.conf files.
To set the timeout to one hour using the .htaccess method, add this line to your .htaccess file in your site root:
php_value session.gc_maxlifetime "3600"
0
source to share