What is PHP session_start()

The PHP session system lets you store securely data in the $_SESSION global array. A typical example is to store the user’s identifier in the session when they type in their password: if ($user = try_login($login, $password)) $_SESSION[‘user’] = $user; Then, you can access that information on all other pages: if (isset($_SESSION[‘user’])) // logged in … Read more

How to kill a/all php sessions?

You could try to force PHP to delete all the sessions by doing ini_set(‘session.gc_max_lifetime’, 0); ini_set(‘session.gc_probability’, 1); ini_set(‘session.gc_divisor’, 1); That forces PHP to treat all sessions as having a 0-second lifetime, and a 100% probability of getting cleaned up. The drawback is that whichever unlucky user runs this first will get a long pause while … Read more

Devise limit one session per user at a time

This gem works well: https://github.com/devise-security/devise-security Add to Gemfile gem ‘devise-security’ after bundle install rails generate devise_security:install Then run rails g migration AddSessionLimitableToUsers unique_session_id Edit the migration file class AddSessionLimitableToUsers < ActiveRecord::Migration def change add_column :users, :unique_session_id, :string, limit: 20 end end Then run rake db:migrate Edit your app/models/user.rb file class User < ActiveRecord::Base devise :session_limitable … Read more

How to send flash messages in Express 4.0?

This Gist should answer your question: https://gist.github.com/raddeus/11061808 in your application setup file: app.use(flash()); Put that right after you set up your session and cookie parser. That’s really all you should need to use flash. You are using: req.flash(‘signupMessage’, anyValue); before redirecting to /signup right? Here’s a fun little tidbit that I currently use for a … Read more

Accessing session from TWIG template

{{app.session}} refers to the Session object and not the $_SESSION array. I don’t think the $_SESSION array is accessible unless you explicitly pass it to every Twig template or if you do an extension that makes it available. Symfony2 is object-oriented, so you should use the Session object to set session attributes and not rely … Read more