Session Disappears After 30 Minutes

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I'm running PHP Version 4.3.10. I'm trying to make it so that when a
person logs in using a user name and password that their session is
valid and continues for a few months so they don't have to log in each
time they come to the site.

In a .htaccess file I set session.cookie_lifetime to 20736000 seconds
and I set session.gc_maxlifetime to 20736000

It works for about 30 minutes. A user can login and then close their
browser and then open the browser and go back to the site and they are
automatically logged in, just like I want.  But after 30 minutes it
stops working. The cookie is still there but it seems like the session
has been wiped but I don't know why.

Also, according to session.save_path the session data is being stored
in /tmp but when I look in /tmp on the sever I can't find the session
file(s). Anybody know why that is?

The session part of php.ini looks like this:

session.auto_start       Off            Off
session.bug_compat_42       On            On
session.bug_compat_warn       On            On
session.cache_expire       180            180
session.cache_limiter       nocache    nocache
session.cookie_domain       no value    no value
session.cookie_lifetime       20736000    0
session.cookie_path       /            /
session.cookie_secure       Off            Off
session.entropy_file       no value    no value
session.entropy_length       0            0
session.gc_divisor       100            100
session.gc_maxlifetime       20736000    1440
session.gc_probability       1            1               PHPSESSID    PHPSESSID
session.referer_check       no value    no value
session.save_handler       files    files
session.save_path       /tmp            /tmp
session.serialize_handler  php            php
session.use_cookies       On            On
session.use_only_cookies   Off            Off
session.use_trans_sid       On            On

Re: Session Disappears After 30 Minutes

Quoted text here. Click to load it

 I would caution against having such long-lived sessions; if you want to retain
logons, set a long-lived cookie instead with some form of key that can
re-restablish the logon.

Quoted text here. Click to load it

 The session garbage collector piggy-backs itself on PHP requests, with a
probability determined by gc_divisor and gc_probability - default 1% of

 If you have session.gc_maxlifetime set locally, then that only influences
garbage collection runs that were piggy-backed onto requests in this
subdirectory. So it only destroys session files older than 240 days.

 But note that the "Master value" on the right is still at 1440, the default of
30 minutes. Garbage collection runs from elsewhere on the site not covered by
your .htaccess will therefore destroy session files older than 30 minutes - it
won't know or care that the session file was created from a subdirectory with
an overridden gc_maxlifetime.

 I think if you want different gc_maxlifetime values you also absolutely need
to override save_path as well, else it'll all average out to using the smallest
gc_maxlifetime across all areas.

Quoted text here. Click to load it

< Space: disk usage analysis tool

Site Timeline