[thelist] Sessions. When do they End?

jeff jeff at members.evolt.org
Mon Mar 12 04:02:19 CST 2001


: From: adams.craigv
: Occassionally I've had the need to use
: session variables.   I'm curious to know
: when a Session ends exactly, other than
: when you kill it explicitly.
: So far I know, session variables die when
: the client closes their browser.  But,
: when else?

actually that's not an entirely true statement.  sessions die when the user
has not interacted with the server for a specified timeout period.  this is
somewhat dependent on your methods of tracking the session.  if you're using
a session cookie (one that is deleted when you close your browser) then the
connection from the user to the session is lost.  however, the server still
has that session in memory until the timeout has been reached.  if you're
using some sort of string in the url as a means of connecting the user to a
session then it's entirely possible the user could bookmark a page (provided
that session identifying string is in the url they're bookmarking), close
their browser, come back later (but still within the allotted period of
inactivity), and visit that bookmarked url in their browser and still be in
that session.

: Personally... in most cases, I'd like
: the session variables to die when the
: client leave the website's domain.

in some cases that would be ideal.  however, http is a stateless protocol.
what this means is that the server has no knowledge of what the user is
doing after it's given the user the page they requested -- hence the reason
for timing sessions out based on a period of inactivity.

good luck,


mailto:jeff at members.evolt.org

More information about the thelist mailing list