History | Log In     View a printable version of the current page.  
   HOME       BROWSE PROJECT       FIND ISSUES   
    QUICK SEARCH:  
Issue Details (XML | Word | Printable)

Key: ZF-3324
Type: Bug Bug
Status: Resolved Resolved
Resolution: Not an Issue
Priority: Minor Minor
Assignee: Ralph Schindler
Reporter: Marko
Votes: 4
Watchers: 3
Operations

If you were logged in you would be able to see more operations.
Google issue summary
Zend Framework

remember_me_seconds in ini file does not change cookie lifetime

Created: 25/May/08 05:44 PM   Updated: 18/May/09 07:03 AM
Component/s: Zend_Session
Affects Version/s: 1.5.1
Fix Version/s: 1.8.2

Time Tracking:
Not Specified

 Public Fields   Internal Project Management Fields   
Tags:
Participants: Marko, Ralph Schindler and Wil Sinclair
Fix Version Priority: Should Have


 Description  « Hide
When loading Zend_Session options via an ini file using the Zend_Session::setOptions() function, the remember_me_seconds setting in the ini file does not change the cookie lifetime. Cookie lifetime does change if the programmer calls Zend_Session::rememberMe().

Zend_Session::rememberMe() internally calls Zend_Session::rememberUntil() to set the cookie lifetime. However, Zend_Session::setOptions() does not call rememberUntil() on the remember_me_seconds option and so the cookie lifetime does not get set.

This can be mitigated by using Zend_Session::rememberMe() for this one option.

 All   Comments   Work Log   Change History   FishEye   Crucible      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
Wil Sinclair - 07/Jun/08 09:38 PM
Please evaluate and fix/categorize as necessary.

[ Permlink | « Hide ]
Ralph Schindler - 18/May/09 07:03 AM
Actually, this is the desired behavior. The goal of the rememberMe feature is to be able to modify the cookie_lifetime of an already started session, without destroying the existing session.

So by setting the value of remember_me_seconds via an ini value, you are saying that when you call rememberMe(), it will use the value provided by the ini setting.

To be able to change the cookie lifetime for all sessions from when they first start, use the cookie_lifetime setting:

Zend_Session::setOptions(array('cookie_lifetime' => $someLongValue));

In summary the options are:
cookie_lifetime - initial lifetime for all sessions
remember_me_seconds - the value to chage the lifetime of a cookie to if this feature is opted into (thus, the application called Zend_Session::rememberMe())

Presumably, by the time you get a screen to present the user with the rememberMe() feature, they have already started the default session in your application.

Make sense?
Powered by a free Atlassian JIRA open source license for Zend Framework. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.12.2-#300) - Bug/feature request - Atlassian news - Contact Administrators