PHP sessions timing out too quickly
Question
I'm using php Sessions on my website and it seems like they are "disappearing" at random intervals. I don't know if they are timing out due to inactivity or if something is wrong with my code, but is there some way to control the sessions of when they expire?
Like can I put something in my code or change something in the php.ini file?
Update- So just and update here, I switched hosts and magically the sessions started working. I have no clue what was wrong but apparently they did not want to work correctly.
4 answers
solution1
49 ACCPTED 2010-08-24 10:40:45
Random expiration is a classical symptom of session data directory shared by several applications: the one with the shortest session.gc_maxlifetime time is likely to remove data from other applications. The reason:
- PHP stores session files in the system temporary directory by default.
The builtin file handler doesn't track who owns what session file (it just matches file name with session ID):
My advice is that you configure a private custom session directory for your application. That can be done with the session_save_path() function or setting the session.save_path configuration directive . Please check your framework's documentation for the precise details on how to do it in your own codebase.
solution2
17 2010-08-28 19:55:03
Debian uses a cron job to automatically expire sessions in a secure manner. If you are using Debian, look at /etc/cron.d/php5.
solution3
7 2010-08-13 12:09:58
You can use it technique to make compatible your application according to you. You have to make few changes according to your system
// Get the current Session Timeout Value
$currentTimeoutInSecs = ini_get(’session.gc_maxlifetime’);
Change the Session Timeout Value
// Change the session timeout value to 30 minutes // 8*60*60 = 8 hours
ini_set(’session.gc_maxlifetime’, 30*60);
//————————————————————————————–
// php.ini setting required for session timeout.
ini_set(‘session.gc_maxlifetime’,30);
ini_set(‘session.gc_probability’,1);
ini_set(‘session.gc_divisor’,1);
//if you want to change the session.cookie_lifetime.
//This required in some common file because to get the session values in whole application we need to write session_start(); to each file then only will get $_SESSION global variable values.
$sessionCookieExpireTime=8*60*60;
session_set_cookie_params($sessionCookieExpireTime);
session_start();
// Reset the expiration time upon page load //session_name() is default name of session PHPSESSID
if (isset($_COOKIE[session_name()]))
setcookie(session_name(), $_COOKIE[session_name()], time() + $sessionCookieExpireTime, “/”);
//————————————————————————————–
//To get the session cookie set param values.
$CookieInfo = session_get_cookie_params();
echo “<pre>”;
echo “Session information session_get_cookie_params function :: <br />”;
print_r($CookieInfo);
echo “</pre>”;
solution4
3 2010-08-13 12:02:05
Try to use this part of code:
session_start();
$inactive = 600;
$session_life = time() - $_SESSION['timeout'];
if($session_life > $inactive) {
session_destroy();
header("Location: logoutpage.php");
}
$_SESSION['timeout']=time();
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.