tags:

views:

80

answers:

5

Hello,

Could anyone tell how to maintain a session (in PHP) so that the session contains are preserved and are accessible even after the browser is restarted.

In general a session expires with the closing of a browser, but I want the session NOT TO BE CLOSED so that the session data's can be accessed the next time the browser is used.

+1  A: 

This can be done if you use cookies instead of sessions.

captaintokyo
sessions use cookies, so ...
remi bourgarel
Well, what I meant was using setcookie instead of session_start
captaintokyo
@remi sessions can work without cookies as well.
Col. Shrapnel
with url params (or whatever place in the http request), but it's not the default behavior and I think that here we are looking at a normal case. But you're right indeed
remi bourgarel
+5  A: 

Use session_set_cookie_parameters() to give the session cookie a non-zero lifetime before starting the session, or set session.cookie_lifetime to non-zero.

Ignacio Vazquez-Abrams
A: 

Session in php (and in most web technologies) work like this :

You store a session id in a cookie on the client computer.

When the client come to your site he send you the session id.

The server find the session datas in a file with the session id and load it.

So closing the browser has not effect on the session, but if the browser empty the cookie when you close it (I don't think any browser do such a thing).

If you wana be sure the user is always logged in, you can store it's user/password in his cookies but it's not really safe.

remi bourgarel
Or you can store a cryptographic token in the cookies instead.
Ignacio Vazquez-Abrams
Why it's not safe? It's absolutely safe if you use cookies safely and cleverly.
hey
@hey : it's not safe : I go on your computer, I go to the cookies directory and I read your login informations, and I'm 99% sure that you use these informations in some other websites. If it's a public computer it's even funnier. @ignacio : indeed you can create your own session system.
remi bourgarel
If you had physical access to my machine, Cookies would be the least of my worries.
Ollie
I think so, I could check your bank account, or your pro email. And in a public computer anyone can see cookies from previous users.
remi bourgarel
+1  A: 

It's oxymoron.
Session stands for "until browser is closed".
Session is something that expires.
If you don't want it to be expired, you're probably don't want a session at all.

You are probably messing session with cookie or database.

Col. Shrapnel
Sessions work with cookies, which are deleted when the browser is closed, _unless_ they have a specific life-time.
elusive
@elusive 1. cookie is not the only thing responsible for the session lifetime. 2. I am talking of term "session", not specific PHP mechanism. but PHP session ideology of course follows this definition. You can disregard that behavior, but you will just spoil yourself.
Col. Shrapnel
Cookies are called *session cookies* if they expire when the browser session expires. And that is the case when the browser is closed. But such a session cookie does not need to contain a session ID.
Gumbo
@Col. Shrapnel: The cookie should not be responsible for the session lifetime at all; it’s the server that maintains the session, not the client.
Gumbo
A: 

Thank you for all your answers. I readed the faq about sessions again and I realised that I can't do this right.

My solution was to "create a session in the db". I mean I created a table called sessions and keeped there the session's vars. A cookie is storing the session id and a variable is loaded after every page refresh containing the session's vars from the db.

Anyway, thanks for your replies.

Octavian