How to avoid user logout when closing your browser with PHP?

Asked

Viewed 906 times

3

I currently use SESSION. When I close the browser, it disconnects. How can I make a way in login by clicking on continue connected, user not disconnect after close?

2 answers

5


Every session is a cookie, but the cookie data is saved on the server instead of the browser, the session cookie is like a token

You can use the session_set_cookie_params

void session_set_cookie_params ( int $lifetime [, string $path [, string $domain [, bool $secure = false [, bool $httponly = false ]]]] )

Setting the lifetime will increase session time as it is technically impossible to create an infinite session.

What would look like this:

session_set_cookie_params(<tempo em segundos>);
session_start();

However it does not update after creating the Cookie, so you may have to use setcookie:

session_set_cookie_params(<tempo de vida>);
session_start();
setcookie(session_name(), session_id(), time() + <tempo de vida>, '/');

You can also implement a simple Ajax to keep running a small script, just to keep the session:

php session.

<?php

$tempodevida = 2678400; // 1 ano de vida
session_set_cookie_params($tempodevida);
session_start();
setcookie(session_name(), session_id(), time() + $tempodevida, '/');

Ajax with Javascript:

(function sessao() {
    var oReq = new XMLHttpRequest();
    oReq.open("GET", "sessao.php", true);
    oReq.onload = function () {
        //Após o Ajax terminar a requisição executará daqui 5 segundos
        setTimeout(sessao, 5000);
    };
    oReq.send(null);
})();//Auto executa

With jQuery:

(function sessao() {
    $.ajax("sessao.php").then(function () {
        //Após o Ajax terminar a requisição executará daqui 5 segundos
        setTimeout(sessao, 5000);
    });
})();//Auto executa

However I need to make it clear that this will not affect the session.gc_maxlifetime, because this is solved in the back end by PHP itself, you can even try to extend the time by changing php.ini this line:

session.gc_maxlifetime=coloque aqui o tempo limite;

Still this will affect all sessions, which will not always be what you want.


How the browser interprets with session_set_cookie_params and without

Undefined session_set_cookie_params:

sem session_set_cookie_params

With session_set_cookie_params:

com session_set_cookie_params

That is, when Exhale/Max-age is equal to Session means that when the browser is closed and opens again this cookie will cease to exist, but when set the lifetime the cookie will have an expiration date and every time it uses session the time will be updated.

  • This will work even if the guy closes the browser?

  • @lffg updated the answer, can try, if something fails let me know.

1

Putting out a cookie. In such cases I place the cookie with any value (usually use uniqid) and saved in the database with the guy’s IP, so I do not run the risk. Every time it opens I check if the cookie exists and search in the database the cookie to check the current IP with the IP that is in the database.

  • Hello, can you explain better how it works?

Browser other questions tagged

You are not signed in. Login or sign up in order to post.