The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
|||||||
|
#1
09-25-2005, 04:09 PM
|
||||
|
||||
About cookies, sessions and the Remember Me box...
I know a bit about cookies and sessions but I wonder if some of you could educate me about the details. The reason I ask is that I occasionally, but regularly, get emails from my members that they lose posts or edits to their profiles because they are prompted to log in after hitting the Submit button. (my member profiles are long, and can often take a long time to write) 95%+ of my members do not have problems like this, but some do.
First question... this sounds like a cookies issue right? The login/member cookie(s) are probably not being set for these members? Second question... if a cookie is not set how long does the php Session variable last? How long before the member gets the log in screen again? Third Question... If the Remember Me selection box on the login panel is NOT selected then no cookies will be set, is that right? So the member will see the same behaviour as if the cookies are blocked for them, is that right? 3B... What's wrong with forcing the Remember Me selection to ON by making it a hidden field? Are there disadvantages of doing that? Fourth Question... I notice that many of the internal URLs in my templates have the variable $session[sessionurl] attached to the URL, so for example my Navbar template has the following link to one of my subforums: <A HREF="$vboptions[bburl]/forumdisplay.php?f=3&$session[sessionurl]"> What is $session[sessionurl]? It is always blank in the Address line of my browser when surfing the site, is that normal? So basically I am looking for a primer on cookies and sessions as it relates to vB. Thanks in advance for any information. - Drew 
|
|
#2
09-25-2005, 07:06 PM
|
|||
|
|||
|
1. Not always true, see 2.
2. AdminCP->vBulletin Options->Cookies and HTTP Header Options->Time-Out for Cookie A user will stay logged in for the number of seconds defined in the above var. If a user has no activity (page load) for this number of seconds, his session will expire. If he has ticked remember me, then he will be logged in again automatic on the next page load. 3. Wrong, only the login information (password) will not be stored in the cookie. The same time-out will still apply, but the member must provide his password again if there have been no activity for the time-out period. 3B Why force? It is the free choice of the members. What about a Staff member using a public/shared computer? 4. $session[sessionurl] is always blank, unless the browser is not capable of handling cookies. You can increase the Cookie timeout a little from the default 900 (15 minutes), but don't make it too high, since it can have a negative effect on the performance. Advice your members to load a page in a second window if they have been writing a very long story and are in risk of having exceeded the timeout period.
|
|
#3
09-25-2005, 07:18 PM
|
||||
|
||||
|
Thanks Marco. Great info there, and I need to digest it for a little bit, and do more testing. But that is the primer I was looking for to get a handle on this "lost profile/lost post" problem. My "Time-Out for Cookie" settings is set to half of the default (7.5 minutes), which might be a big part of my problem right there.
- Drew
|
|
#4
09-25-2005, 07:50 PM
|
|||
|
|||
|
Yes, shorter then the default might get your members into problems very fast.
|
 |
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT. The time now is 01:24 PM.