Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Session Disappears After 30 Minutes
March 26, 2005, 5:46 am
rate this thread
I'm running PHP Version 4.3.10. I'm trying to make it so that when a
person logs in using a user name and password that their session is
valid and continues for a few months so they don't have to log in each
time they come to the site.
In a .htaccess file I set session.cookie_lifetime to 20736000 seconds
and I set session.gc_maxlifetime to 20736000
It works for about 30 minutes. A user can login and then close their
browser and then open the browser and go back to the site and they are
automatically logged in, just like I want. But after 30 minutes it
stops working. The cookie is still there but it seems like the session
has been wiped but I don't know why.
Also, according to session.save_path the session data is being stored
in /tmp but when I look in /tmp on the sever I can't find the session
file(s). Anybody know why that is?
The session part of php.ini looks like this:
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 20736000 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 20736000 1440
session.gc_probability 1 1
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path /tmp /tmp
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid On On
Re: Session Disappears After 30 Minutes
I would caution against having such long-lived sessions; if you want to retain
logons, set a long-lived cookie instead with some form of key that can
re-restablish the logon.
The session garbage collector piggy-backs itself on PHP requests, with a
probability determined by gc_divisor and gc_probability - default 1% of
If you have session.gc_maxlifetime set locally, then that only influences
garbage collection runs that were piggy-backed onto requests in this
subdirectory. So it only destroys session files older than 240 days.
But note that the "Master value" on the right is still at 1440, the default of
30 minutes. Garbage collection runs from elsewhere on the site not covered by
your .htaccess will therefore destroy session files older than 30 minutes - it
won't know or care that the session file was created from a subdirectory with
an overridden gc_maxlifetime.
I think if you want different gc_maxlifetime values you also absolutely need
to override save_path as well, else it'll all average out to using the smallest
gc_maxlifetime across all areas.
<http://www.andyhsoftware.co.uk/space Space: disk usage analysis tool