Difference between #11 and #13 of
Checking for "expired" sessions/logins on the client side

Changes

Title unchanged

Checking for "expired" sessions/logins on the client side

Category unchanged

How-tos

Yii version unchanged

Tags unchanged

csrf, login, cookie, UserIdentity, user auth, security, session, allowAutoLogin, Cache-Control

Content changed

[...]
In the proposed methods, the popups are modal to force the user to reload or close the page.

You should use your own CWebUser subclass as indicated below for full functionnality.

I haven't set up a test case to demonstrate the issue, but the following procedure should demonstrate the issue:

 
- Open a web page in your browser with a form relying on the YII_CSRF_TOKEN for submitting the data.
- Close the browser (with the reopen tabs functionnality active);
- Reopen the browser -> your form page should appear.
[...]
*/
public static function MonitorSessionJQueryDialog($timeout=2,$showCloseButton=true) {
Yii::app()->clientScript->registerCoreScript('jquery-.ui');
$title=CJavaScript::encode(Yii::t('app','Session Expired'));
$msg=CJavaScript::encode(CHtml::tag('div',array(),Yii::t('app','Your session expired and this page must be reloaded.')));
$btReload=CJavaScript::encode(Yii::t('app','Reload'));
if($showCloseButton) {
$btClose=CJavaScript::encode(Yii::t('app','Close'));
[...]
4 0
12 followers
Viewed: 37 317 times
Version: 1.1
Category: How-tos
Tags: allowAutoLogin, Cache-Control, cookie, CSRF, login, security, session, user auth, UserIdentity
Written by: le_top
Last updated by: le_top
Created on: Jun 12, 2013
Last updated: 9 years ago
Update Article
Revert to #11 | Revert to #13

Revisions

View all history