Sessions are maintained using a cookie containing the session id. Cookies contain an expiry timestamp defined in GMT. This means that your webserver will take time(), add the session expiry timeout to it, and converts it from local time to GMT before sending the cookie out.
The mechanism goes very wrong if: - the timezone setting of your server is wrong - the timezone setting of your application doesn't match the server - the time of the server is not correct - the time of the PC running the browser is not correct
Given the fact that the default session cookie timeout is two hours, you get this when it's off somewhere by more then two yours.
For example, if your server is in PST (which is GMT-8), and you're config setting says UTC, all GMT time calculations made by your application are off by 8 hours.
Absolutely. As documented and mentioned in the release notes, you HAVE to set the correct timezone in the config. And it MUST match the timezone of your service.
If your server is on America/New York, and you tell Fuel it's in UTC, GMT time calculation will be off by 5 hours, causing the session to fail.
So note it's not about time(), which is the local time, but about the calculation of GMT time.
So I guess my last question is.. what do I change UTC to? Is GMT the same as EST? Or do I just turn it to EST? I'm not really entirely sure what time UTC is in and what thing I would put in for America/New York unless I put THAT there as well??
No, GMT = Greenwich Mean Time, which unless you're in the UK is the wrong timezone for you. UTC is equal to GMT, unless daylight savings is in effect, in which case it's GMT+1.
It should be the same as defined on your server, which should be the same as in your php.ini (the date.timezone parameter), which should be the same as your config.php timezone setting.
In your case, they should all be "America/New York" if that is your local timezone.
Ok I have BOTH set to EST... still logging me out. It keeps me logged in on the home page no matter how many times I refresh, but as soon as I go to a different page, it logs me out...
Do you maybe have to initiate some sort of Session on every single page to keep it going? Like I click on News and it shows me logged in, but if I refresh once, it logs me out. And keeps me logged out even when I go back to the homepage.
It was because I was creating another instance of Auth and I guess it was overriding it or something. And I was getting the userid from the session in the base controller AND news controller. So now I just made a protected static variable called $userid in the base controller so i can access it from the other controllers using parent::$userid :)
Donate
