5

我有这个功能来启动一个安全会话:

function sec_session_start() {
    $session_name = 'sec_session_id'; // Set a custom session name
    $secure = false; // Set to true if using https.
    $httponly = true; // This stops javascript being able to access the session id. 

    ini_set('session.use_only_cookies', 1); // Forces sessions to only use cookies. 
    $cookieParams = session_get_cookie_params(); // Gets current cookies params.
    session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"],     $cookieParams["domain"], $secure, $httponly); 
    session_name($session_name); // Sets the session name to the one set above.
    session_start(); // Start the php session
    session_regenerate_id(true); // regenerated the session, delete the old one.     
}

当用户离开我的应用程序或关闭浏览器时,如何将我的 cookie 设置为过期?基本上,每次用户访问我的应用程序时,他们都需要再次登录。

4

1 回答 1

6

的生命周期0(通常是会话 cookie 的默认值)完全符合您的描述。见http://us3.php.net/manual/en/session.configuration.php#ini.session.cookie-lifetime

于 2012-08-09T16:00:12.730 回答