• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
sess_expire_on_close config option questions

#1
[eluser]besson3c[/eluser]
I'm trying to implement a "save password" checkbox in my login form. I would like for users that have this option checked for this config option to be set as false, and for users that don't for this config option to be set true.

It appears that a simple $this->config->set_item('sess_expire_on_close', true) does not work to modify the value of "false" entered into my config file, I'm assuming because the session has already been initialized and the cookie already created.

What is the most elegant way to recreate session information depending on this checkbox selection, or, IOW, how can "sess_expire_on_close" be set dynamically?

#2
[eluser]besson3c[/eluser]
Anybody?

#3
[eluser]WanWizard[/eluser]
You mean you need a "remember me" function?

This has been discussed recently, use the search option.

#4
[eluser]besson3c[/eluser]
[quote author="WanWizard" date="1306936122"]You mean you need a "remember me" function?

This has been discussed recently, use the search option.[/quote]

Sorry! I did both now and prior to thread creation, and I'm not seeing that thread you speak of. Am I blind?

#5
[eluser]LuckyFella73[/eluser]
Maybe that one:
http://ellislab.com/forums/viewthread/109645/

I didn't test but you can try.

#6
[eluser]WanWizard[/eluser]
In a nutshell:

Look in the session class on how the session cookie is constructed. Use that code for your 'remember me' class, give the cookie a unique name, and add some identifier that links to the user in the payload (instead of the session data).
Use the expiry of the cookie to control how long the "remember me" function should be valid for.

Do not just add a cookie, anyone can create one that contains a user id. Make sure it's secure and encrypted. And CI's session library fits the bill, so re-use it.

When you load your class, check if the cookie is present (like the session class does), and if so, do an auto-login of the user. Autoload your library to make sure you have a valid user state before your controller starts.

#7
[eluser]besson3c[/eluser]
[quote author="WanWizard" date="1306973848"]In a nutshell:

Look in the session class on how the session cookie is constructed. Use that code for your 'remember me' class, give the cookie a unique name, and add some identifier that links to the user in the payload (instead of the session data).
Use the expiry of the cookie to control how long the "remember me" function should be valid for.

Do not just add a cookie, anyone can create one that contains a user id. Make sure it's secure and encrypted. And CI's session library fits the bill, so re-use it.

When you load your class, check if the cookie is present (like the session class does), and if so, do an auto-login of the user. Autoload your library to make sure you have a valid user state before your controller starts.[/quote]


Yeah, as I've been researching this I've been thinking that it might be cool to create a CodeIgniter spark out of a library that would create entries in a "ci_cookies" table and do just as you've described here. Another part of this library would be disabling access to accounts (that may have a valid cookie set). If I decide to go ahead with this work I'll update this thread with my progress...


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.