[FX.php List] Extending Session Expiration

Andrew Denman adenman at tmea.org
Wed Jan 24 10:21:18 MST 2007 

Gary,
 
You're looking in the right places; the things that can affect the timeout
are cookie expiration times garbage collection times on the server.  You can
change these ini settings (descriptions on
http://us3.php.net/manual/en/ref.session.php):
session.gc_maxlifetime
session.gc_probability
session.gc_divisor
session.cookie_lifetime
 
Even when you change these settings (in php.ini or ini_set()), if there are
others using the same temp directory for the session files the person with
the lowest gc_maxlifetime will be who decides which sessions get cleaned up.
To get around this you can specify your own session.save_path.
 
This "flowchart" may help you understand the session / garbage collection
process better:
http://www.tek-tips.com/faqs.cfm?fid=4908
 
Andrew Denman


  _____  

From: fx.php_list-bounces at mail.iviking.org
[mailto:fx.php_list-bounces at mail.iviking.org] On Behalf Of Gary Sprung
Sent: Tuesday, January 23, 2007 6:06 PM
To: fx.php_list at mail.iviking.org
Subject: [FX.php List] Extending Session Expiration
 
Hi everyone,
 
I'm trying to increase the session expiration time for my solution and I'm
finding this is a complex issue without clear cut solutions. 
 
The context is a Filemaker/PHP site with complex forms that rely on about
several session variables (ID of the organization, name of the organization,
name of person entering data, etc.). Many of the forms take more time to
fill than the 24 minutes that PHP defaults to before it may end your session
through garbage collection. I don't have access to the server's php.ini
file, as this is a shared hosting service. How do I extend the session life?
 
I first tried session_set_cookie_params () with a time of 10800 seconds --
three hours. 
That did not work. I guess it's not just about the length of time of the
session cookie.
 
On the php.net site, there are a number of discussions about this and they
do not all point the same way. About the best I've seen came in comments
general session handling posted last August. The commenter mentions three
commands:
 
ini_set("session.cache_expire","180");
ini_set("session.gc_maxlifetime","3600"); 
session_save_path("/my/own/path/without/url/sessions"); 
 
I guess all three must be be invoked before session_start(). Do I make a new
directory and save sessions there using the session_save_path command? I
have to invoke all three commands on every page?
 
Thanks for any insights....
 
Gary Sprung
 
-------- 
Gary Sprung
GNURPS Consulting
 
gary at gnurps.com
www.gnurps.com
 
Landline: 720-565-9933
Cell: 303-859-9331
 



 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.iviking.org/pipermail/fx.php_list/attachments/20070124/d16c8d24/attachment.html

More information about the FX.php_List mailing list