session-variables

Is it "better" (more efficient, faster, more secure, etc) to (A) cache data that is used on every page load in the $_SESSION array (but still querying a table for a flag to reload the data fresh), or (B) to load it from the database each time? I'm using the cache method (A), but I'm worried that with hundreds of users, memory could become an issue? It's just simple data, like firstname, lastname, birthday, etc. With either method, there's still a query being run. Thoughts? If your data is used on every pages, and is the same for all users, I wouldn't cache it in $_SESSION (which means having a

I'm using the latest Flask/Werkzeug (Flask 0.9) client-side sessions to persist information between requests. The session is not set to be persistent (as I'm fine with the cookie being deleted when the browser is closed). My problem is as follows: I use some server-side code to fill the Flask session variable with an entry. After this, the Session variable looks something like this: <SecureCookieSession {u'items': SOMENOTVERYIMPORTANTDICTIONARY}, '_fresh': True, 'user_id': u'1', 'csrf': '0aef1995cdf2cxx0233fdf3321d17fc7267f3b32', '_id': 'someUNIQUEcode'}*> I use this information to render a

I am making a registration system with an e-mail verifier. Your typical "use this code to verify" type of thing. I want a session variable to be stored, so that when people complete their account registration on the registration page and somehow navigate back to the page on accident, it reminds them that they need to activate their account before use. What makes this problem so hard to diagnose is that I have used many other session variables in similar ways, but this one is not working at all. Here's my approach: /* This is placed after the mail script and account creation within the same if

Preface : this is a "development" from an earlier question of mine, whose answers didn't solve my problem in the end. But through trying all the suggestions and also trying other stuff, I discovered that the real problem is something else, so I rephrase my question here I have a login page/system which has worked correctly for years, leaving the user logged in until he/she either closes the browser window or logs out manually. But lately after only a few minutes of inactivity the session cookie/s seemed to expire, causing the user to be logged out automatically. This happens on different

By default laravel sessions expire after two hours, I know this is for security but I have a web app which has a mobile app(android webview). Users keep complaining that they need to login each time they come to the app. As a temporal solution I will like to know how I can set this variable to "forever". thanks in advance 'lifetime' => 120 what I want 'lifetime' => infinity Max integer value in PHP is 2147483647 for 32 bit platform and Laravel multiplies lifetime value by 60. So maximum lifetime value is 35791394 for 32-bit platform. It's 68 years, so it's kind of infinity for the session. )

I have a website where users can log in. I have tried: <?php echo $_SESSION ['userlogin'] and When users login I set their session as userlogin, but it won't show their username. This is the tutorial I used Did you start the session before using it? So to set it: <?php //Fetch the username from the database //The $login and $password I use here are examples. You should substitute this //query with one that matches your needs and variables. //On top of that I ASSUMED you are storing your passwords MD5 encrypted. If not, //simply remove the md5() function from below. $query = "SELECT name FROM