I am working with a client with some strict security measures. After undergoing security review, we were notified that the user name stored in the logged in cookie, e.g. wordpress_logged_in[username]|[hash] is something that has to be removed. Since this is an integral part of the login system, I’m not sure how to remove it and … Read more
WordPress does not use sessions. I always wondered what mechanism does WP use to maintain a user state when user goes from page to page? 2 s 2 It uses bare cookies and stores the login state information client side. + = wordpress_7339a175323c25a8547b5a6d26c49afa=yourusername%7C1457109155%7C170f103ef3dc57cdb1835662d97c1e13; Where do all these cookies and salt come from? The salt is … Read more
I need to keep a session alive for 30 minutes and then destroy it. 17 s 17 You should implement a session timeout of your own. Both options mentioned by others (session.gc_maxlifetime and session.cookie_lifetime) are not reliable. I’ll explain the reasons for that. First: session.gc_maxlifetime session.gc_maxlifetime specifies the number of seconds after which data will … Read more
I want to logout user autometically when user is idle for more than 10 minutes.That mean suppose user is logged in to a site and user didn’t browse any pages for more than 10 mins.when he browse any page after 10mins, it will logout user and redirect to login page.Any Solution? Advance Thanks. 1 You … Read more
Not sure if this is a bug or by design, but it’s damn annoying. Every so often, more so after updating the core, while in the admin section, I get booted out with the infamous “Your session has expired” message. Strange in itself since apparently WP doesn’t use sessions. The login prompt comes with a … Read more
How can i use my own (custom) session value in WordPress? For example: $_SESSION[‘myname’]=”4lvin” I’ve already inserted session_start() at all page i need as following. <?php session_start(); $_SESSION[‘myname’] = “4lvin”; ?> But not working Global-wise. Just working on the self page. It is NOT call-able Globally from another pages (using same logic). 4 EDIT: “THE … Read more
I have a form with some checkboxes and inputboxes selectboxes and it shows what the user wants via an ajax call. The problem is that when the user click on the item and the detail page is shown and then decide to go back to the previous page he needs to click and select his … Read more
What is wrong here is that your session management configuration is set to close session when you commit transaction. Check if you have something like: <property name=”current_session_context_class”>thread</property> in your configuration. In order to overcome this problem you could change the configuration of session factory or open another session and only than ask for those lazy … Read more
