Ajax (or rapid-fire fingers) conflicting with high security levels.
Setting security to medium or lower should fix that.
There is also the possibility that your host does a bit of "clean-up"
in php's sessions dir. Using cake sessions should fix that... I think.
I had these random logouts and it turned out to be a problem with the
security level being to high (if you call that a problem). Displaying
a form and having some ajax on the page can make the temporary
security hash in the form become "old" and then you are logged out for
being a hacker. :)
On Jan 26, 3:25 pm, "dchanco...@gmail.com" <dchanco...@gmail.com>
wrote:
> On Jan 23, 10:53 pm, brian <bally.z...@gmail.com> wrote:
>
> > Did you look into how the different Security levels affect Cake
> > sessions? I'm sure it's in the cookbook. Otherwise, there's always the
> > google.
>
> I played with the different setting but the behavior seems more random
> than
> anything else.
>
> Anybody else has any insight?
>
> > On Fri, Jan 23, 2009 at 10:51 PM, dchanco...@gmail.com
>
> > <dchanco...@gmail.com> wrote:
>
> > > On Jan 23, 3:31 pm, brian <bally.z...@gmail.com> wrote:
> > >> I believe the Security.level (in core.php) affects how soon Cake sessions last.
>
> > > My 'Security.level' is set to 'low' and 'Session.timeout' to '1440'.
> > > Shouldn't my sessions last 5 days? They don't :-(
>
> > >> On Fri, Jan 23, 2009 at 2:32 PM, dchanco...@gmail.com
>
> > >> <dchanco...@gmail.com> wrote:
>
> > >> > Hi,
>
> > >> > Can someone explain me how sessions work in CakePHP once and for all?
>
> > >> > I'm using CakePHP 1.2.0.7296 RC2 and PHP 5.2.6
>
> > >> > I have the following setting in my core.php file:
>
> > >> > Configure::write('Session.save', 'cake'); // I tried both 'php' and
> > >> > 'cake' with the same results
> > >> > //Configure::write('Session.table', 'cake_sessions');
> > >> > //Configure::write('Session.database', 'default');
> > >> > Configure::write('Session.cookie', 'CAKEPHP');
> > >> > Configure::write('Session.timeout', '1440');
> > >> > Configure::write('Session.start', true);
> > >> > Configure::write('Session.checkAgent', true);
> > >> > Configure::write('Security.level', 'low');
>
> > >> > And the following PHP settings:
>
> > >> > session.cache_expire 7200
> > >> > session.cookie_lifetime 0
> > >> > session.gc_maxlifetime 432000
> > >> > session.use_cookies On
> > >> > session.use_only_cookies Off
>
> > >> > My expectation is that my sessions should last 1400sec * 300 (for
> > >> > 'low') or 5 days.
> > >> > Yet, without closing my browser, my sessions will become unavailable
> > >> > once or
> > >> > twice a day. I.e. code that checks for a valid username in the session
> > >> > gets
> > >> > nothing and 'logs me out'.
>
> > >> > I have had this behavior hapenning in a couple of CakePHP applications
> > >> > I
> > >> > developed. What am I missing?
>
> > >> > Thank you
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
No comments:
Post a Comment