Best IT Recipes

PHP: what is the default session lifetime

If I click on a page that calls session_start() . How long will I have to wait, so if I have to refresh the page, have I been issued a new session id?

+51
php session
01 Oct '08 at 8:34
source share
6 answers

Check the php.ini value set for session.gc_maxlifetime is the identifier lifetime in seconds.

I believe the default is 1440 seconds (24 minutes)

http://www.php.net/manual/en/session.configuration.php

Edit: As some comments have noted, the foregoing is not entirely accurate. A great explanation of why and how to implement session time is available here:

How do I end a PHP session in 30 minutes?

+48
01 Oct '08 at 8:39
source share

The default value in php.ini for the session.gc_maxlifetime directive ("gc" for garbage collection) is 1440 seconds or 24 minutes. See the Session Time Setting Page in the manual:

http://www.php.net/manual/en/session.configuration.php

You can change this constant in the php.ini or .httpd.conf files if you have access to them or in the local .htaccess file on your website. To set the timeout for one hour using the .htaccess method, add this line to the .htaccess file in the root directory of the site:

 php_value session.gc_maxlifetime "3600"

Be careful if you are on a shared host or you have several sites on which you have not changed the default value. The default session location is the / tmp directory, and the garbage collection process will run every 24 minutes for these other sites (and destroy your sessions in the process, no matter how long they should be stored). See note on the manual page or this site for a better explanation.

The answer to this question is to move the sessions to another directory using session.save_path. It also helps prevent bad guys from getting into your visitor accounts from the default / tmp directory.

+22
01 Oct '08 at 9:11
source share

it depends on your php settings ...
use phpinfo() and see the session head. There are values ​​such as session.gc_maxlifetime and session.cache_expire and session.cookie_lifetime that affect the duration of the session

EDIT: this is how Martin write up

+2
01 Oct '08 at 8:42
source share

According to a user at PHP.net , his efforts to save the session did not work, so he had to make a workaround.

 <?php $Lifetime = 3600; $separator = (strstr(strtoupper(substr(PHP_OS, 0, 3)), "WIN")) ? "\\" : "/"; $DirectoryPath = dirname(__FILE__) . "{$separator}SessionData"; //in Wamp for Windows the result for $DirectoryPath //would be C:\wamp\www\your_site\SessionData is_dir($DirectoryPath) or mkdir($DirectoryPath, 0777); if (ini_get("session.use_trans_sid") == true) { ini_set("url_rewriter.tags", ""); ini_set("session.use_trans_sid", false); } ini_set("session.gc_maxlifetime", $Lifetime); ini_set("session.gc_divisor", "1"); ini_set("session.gc_probability", "1"); ini_set("session.cookie_lifetime", "0"); ini_set("session.save_path", $DirectoryPath); session_start(); ?>

Text files will be saved in the SessionData folder to store information about the session, each file will have a name similar to "sess_a_big_hash_here".

+2
Apr 29 2018-12-12T00:
source share

But be careful, on most xampp / ampp /...- settings and some linux destributions it is 0, which means that the file will never be deleted until you do it in your script (or dirty through the shell)

PHP.INI:

 ; Lifetime in seconds of cookie or, if 0, until browser is restarted. ; http://php.net/session.cookie-lifetime session.cookie_lifetime = 0
0
Apr 6 '12 at 12:50
source share

You can use something like ini_set('session.gc_maxlifetime', 28800);//8 * 60 * 60 ini_set('session.gc_maxlifetime', 28800);//8 * 60 * 60 too.

0
Aug 05 '18 at 21:06
source share


More articles:


All Articles