http://www.idkfa.com/v3 idkfa: syndicated http://www.idkfa.com/v3/v_thread.php?thread_id=4030&msg_id=4030 SPDCA: Cookies. For the longest time I've fought with browser cookies. (Browser cookies are small, named variables passed between a web server and a web browser. They are what allow servers to maintain stateful information about you (Are you logged in? What is in your shopping cart? etc.) over the course of your browsing session. They often looked upon as the least sophisticated part of the HTTP protocol specification.) In all of my previous projects, I have simply tried to get the cookies "right," and then walk away and never touch it again. In v2, they were a goddamn mess. Not only was I passing back and forth your username (something that's easy to guess and/or forge), I was also passing back and forth your plaintext, unencrypted password (something that is notoriously easy to spot if you were, say, listening in on a coffee shop wireless, etc.). Even worse: upon every page access I tried to "update" the cookie so its expiration time would be pushed further out. Each time I did so, I told the server to re-send your password in order to update the timestamp. It's probably for the best that I shut that baby down. For v3, I decided I would try to address the problem. PHP (the programming language I designed idkfa in) has built-in session tracking functionality that takes care of things like encryption, session creation / breakdown, complex data types stored within the session, and session validation. Unfortunately that decision, up until now, has caused my idkfa logins to last around 24 minutes unless you were a) a user actively accessing the site, or b) sitting on auto-update. This is for the following reasons: The session_set_cookie_params and session_cache_expire functions both take time values to determine how long a cookie should be issued for, and how long that cookie should be in the system's cache. The former takes its time value in seconds. The second takes its time value in minutes. The kaiden@idkfa.com (kaiden) idkfa Thu, 26 Jan 2012 13:14:27 -0900 http://idkfa.com/v3/v_thread.php?thread_id=4030&msg_id=4030