session timestamp in yii2 is not updating - session

I am using DB table to store session. Whenever I access any page in website, expire value in session table is getting updated.
I store a value in the session using the following api:
Yii::$app->session->set("key", $value);
After I use this command, session expire is not updating in database.
Another problem is that the stored value in session is only accessible during the same request.
Next request that value is not there in the session.
I google'd and tried all my luck but not able to figure why this is happening.
Thanks in advance

Related

Is it worth using Session + Cookie in Laravel 9?

I'm building a Laravel 9 app that relies a lot on saved data for the user. Currently, I'm using Sessions only to retrieve this data from the user later on (anywhere from 1-600 minutes after the first visit).
Would it be wiser to use Session AND Cookies together, or would it be obsolete? I'm guessing if we lose the session data somehow, then we would use the cookie data as well? Obviously, first looking at the Session data, if it doesn't exist, then check the Cookie data.
Are there any other viable mechanisms to save user data and retrieve it at a slightly later time?
You can update 'lifetime' in config/session.php.
Have a look at this:
https://stackoverflow.com/a/26231287/9882603

how to view user data in codeigniter using 3 times log out my data is not visible

I'm new in PHP and Codeigniter, by the way how to update database table when session in CI is expired and where I can put the code? I use uniqid in database, it's called token. here is my login tableusername, password, level, token, last_login, exp_time. and I want to change value token=null when session in Codeigniter is expired.
I think you're approaching this the wrong way. Sessions can expire passively, so your user DB would not be up to date.
You could use Codeigniter's option to store session data in your MySQL database and check against those entries.

Starting a Session and assigning a unique session ID in Coldfusion

I have done some very basic authentication work in PHP. In PHP you can start a session and create a unique session ID to be stored in the cookies.
How does this work in ColdFusion? How can I start a session and assign a unique ID to it?
The backstory: I am trying to a create a log in page, I can create users and authenticate their login attempts but I need to know how to give them a unique session once they have logged in.
I've taken a look at the ColdFusion documentation. The only methods I could find for sessions seemed to be for browsers that don't use cookies for whatever reason. Am I missing something?
Yup, if in your application.cfm or application.cfc you set SessionManagement to 'true' then CF automatically creates a session for each new user. You can then set a property of the session (perhaps called 'loggedin') to be true or false to manage login state. Session duration is managed through the SessionTimeout property in application.cfc
You can also use the <cfloginuser> tag to manage whether a user is logged in, although some people avoid it
Take a look at this article for an overview of application.cfc

how do i change the default behavior of session storing in the database

I enabled to store session data in the database and on every page refresh a new record gets inserted and ends up filling the session table with many rows. How can i just set it to insert a record only if no entry exists for its ip and update an existing ip?
Sessions have a timeout which you can set in the config.php file (i.e $config['sess_expiration'] = 7200 ). Once that time has reached, they expire and are deleted (through the session garbage collection mechanism).
. How can i just set it to insert a record only if no entry exists for its ip
It dosent create a new session record for each update, it simply adds/remove data from the existing session record for the given IP and user agent if the option is selected (unless the session has expired in which case it creates a new record). Codeigniter has a builtin garbage collection mechanism which will eventually (if not instantly) delete the expired session.
and update an existing ip?
Why would it update an existing ip and override its session data? that makes no sense. You could end up overwriting session data of a user who is currently using the session. If a user has stopped using the system, the session will evnetually expire and be deleted.
According to codeigniter session class page:
When a page is loaded, the session class will check to see if valid
session data exists in the user's session cookie. If sessions data
does not exist (or if it has expired) a new session will be created
and saved in the cookie. If a session does exist, its information will
be updated and the cookie will be updated. With each update, the
session_id will be regenerated.

Get session id from a session cookie in classic ASP

I'm attempting to share session data between my PHP site and an ASP site and as I have access to the ASP site's MSSQL database and some of the ASP session data appears to be in a database table I was hoping I could grab the session id from the session cookie and go from there.
I don't know a lot about ASP but from what I've read it takes the session id, encrypts it and produces a session cookie name / value. Does anyone know how I can decrypt that cookie and get the session id back?
Or is there a better way of doing this baring in mind although I have database access I'm not really able to make code changes.
You can access the sessionID via the Session object
<%
Response.Write(Session.SessionID)
%>
Note though that the session ID is only valid for a user's current session and is not persistent. i.e. if there's no activity for 20min a new session is created for the user if they return. I'd use regular cookies myself and pass a hash around.

Resources