FastTrack
FastTrack

Reputation: 8980

PHP set cookie lifetime

I have this function to start a secure session:

function sec_session_start() {
    $session_name = 'sec_session_id'; // Set a custom session name
    $secure = false; // Set to true if using https.
    $httponly = true; // This stops javascript being able to access the session id. 

    ini_set('session.use_only_cookies', 1); // Forces sessions to only use cookies. 
    $cookieParams = session_get_cookie_params(); // Gets current cookies params.
    session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"],     $cookieParams["domain"], $secure, $httponly); 
    session_name($session_name); // Sets the session name to the one set above.
    session_start(); // Start the php session
    session_regenerate_id(true); // regenerated the session, delete the old one.     
}

How do I set my cookies to expire whenever the user navigates away from my app or closes their browser? Basically, every time a user visits my app, they need to login again.

Upvotes: 5

Views: 17133

Answers (1)

VoteyDisciple
VoteyDisciple

Reputation: 37803

A lifetime of 0 (which is usually the default for session cookies) does precisely what you described. See https://www.php.net/manual/en/session.configuration.php#ini.session.cookie-lifetime

Upvotes: 6

Related Questions