Time and cookies question

stew1

Hi,

Is there anyway (say from the request header) of assertaining the time on the clients PC? The reason I ask is that I want to set a cookie that will only last for a short time (typically 15 minutes). If I set it this way.....

setcookie("seshid",$seshid, time() + $sesh->expiry_time,"/",".mydomain.com",0);

and the client PC's clock is 14 minutes fast then the cookie will only last for 1 minute.

Any ideas??

Regards

Stew

mogster

Are you sure?
As far as i know, client time means nothing to php. And the cookie-value $seshid's timestamp is a set value (not dependant on the pc clock), and will be measured against some other set value (in php) to define wether or not the time has expired.

knutm

stew1

I'm sure!

If the cookie is set at 9:00 am (+ 15 minutes expiry time) (server time) and the time is 9:14 am on the client side then the browser will delete the cookie 1 minute after it has been set.

I know small differences in time probably don't make that much difference in applications where the cookie will only last on a per session basis or where they might be set for a day or even a month, but I want to make sure all information about a previous session is removed after the alloted period (in this case 15 minutes) of in-activity has expired.

mogster

Well, I still have a hard time believing this 😉

But you can still work around it, depending on how your script controls the time.
Use session cookies (no time setting in cookie), then set time manually:

<?PHP
$timed = time();
## Set session_id ##
setcookie("seshid", $seshid);
## Set manual timestamp ##
setcookie("runtime", $timed);
?>

<?PHP
$time_limit = time() - 1500;
## Check wether time is past timelimit ##
if($runtime < $time_limit) {
## Unset session (or you may start a new) ##
setcookie("seshid", "");
header("Location:another_page.php");
}
?>

knutm