Comments on: PHP Session Lifetime: An Adventure http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/ Web Development | Nashville, TN Tue, 16 Mar 2010 14:30:10 -0500 http://wordpress.org/?v=2.8.6 hourly 1 By: John http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/comment-page-1/#comment-229310 John Fri, 19 Feb 2010 20:24:46 +0000 http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/#comment-229310 that last post stripped out the actual meant of the solution, here it is again...hopefully: This solved all my problems on Ubuntu 9.1 - bottom line, you need to override PHP's session.gc_maxlifetime value: include the following code in /etc/phpmyadmin/config.inc.php $cfg['LoginCookieValidity'] = 60*60*24*7*52; ini_set('session.gc_maxlifetime', $cfg['LoginCookieValidity']); that last post stripped out the actual meant of the solution, here it is again…hopefully:

This solved all my problems on Ubuntu 9.1 – bottom line, you need to override PHP’s session.gc_maxlifetime value:

include the following code in /etc/phpmyadmin/config.inc.php

$cfg['LoginCookieValidity'] = 60*60*24*7*52;
ini_set(’session.gc_maxlifetime’, $cfg['LoginCookieValidity']);

]]> By: John http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/comment-page-1/#comment-229309 John Fri, 19 Feb 2010 20:23:37 +0000 http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/#comment-229309 This solved all my problems on Ubuntu 9.1 - bottom line, you need to override PHP's session.gc_maxlifetime value: /etc/phpmyadmin/config.inc.php This solved all my problems on Ubuntu 9.1 – bottom line, you need to override PHP’s session.gc_maxlifetime value:

/etc/phpmyadmin/config.inc.php

]]> By: Alessandro Nunes http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/comment-page-1/#comment-228350 Alessandro Nunes Tue, 26 May 2009 17:15:21 +0000 http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/#comment-228350 We had this problem in a dedicated server. So, no other users sharing or modifing gc_ variables. We use a single application, a CMS developed by us. But... we had a phpMyAdmin, intalled by the host company. We had no access to php config of phpMyAdmin so we ask the Host to verify: phpMyAdmin had only 24 minutes from session. They chaged this config, and the problem is solved. Thanks for the article! We had this problem in a dedicated server. So, no other users sharing or modifing gc_ variables. We use a single application, a CMS developed by us. But… we had a phpMyAdmin, intalled by the host company. We had no access to php config of phpMyAdmin so we ask the Host to verify: phpMyAdmin had only 24 minutes from session. They chaged this config, and the problem is solved. Thanks for the article!

]]> By: Tom Taylor http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/comment-page-1/#comment-206515 Tom Taylor Fri, 21 Dec 2007 20:54:54 +0000 http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/#comment-206515 What an excellent article. I loved the way it was written, the approach and the detailed process. Bookmarked ! What an excellent article.
I loved the way it was written, the approach and the detailed process.

Bookmarked !

]]> By: johnd http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/comment-page-1/#comment-200824 johnd Thu, 13 Dec 2007 14:58:24 +0000 http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/#comment-200824 Great information there thanks for that Our session.gc_maxlifetime is set to 1440 (php default) which i believe is 24 mins. Upon testing this i cant understand why after this time the session is still open im guessing this is due to the gc again as session.gc_probability = 1 session.gc_divisor = 100 so does that mean there is 1/100 chances that it will check for expired sessions and remove them its all very strange :0) Great information there thanks for that
Our session.gc_maxlifetime is set to 1440 (php default) which i believe is 24 mins.
Upon testing this i cant understand why after this time the session is still open
im guessing this is due to the gc again as
session.gc_probability = 1
session.gc_divisor = 100
so does that mean there is 1/100 chances that it will check for expired sessions
and remove them
its all very strange :0)

]]> By: Kristjan Adojaan http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/comment-page-1/#comment-156752 Kristjan Adojaan Fri, 26 Oct 2007 07:54:18 +0000 http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/#comment-156752 Thank you!! We have had exactly the same problems, but didn't found an answer before read your <i>Adventure</i>. Sounds very logical!!! Now we try to implement. Thank you!! We have had exactly the same problems, but didn’t found an answer before read your Adventure. Sounds very logical!!! Now we try to implement.

]]> By: Boban Jovanoski http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/comment-page-1/#comment-144781 Boban Jovanoski Fri, 28 Sep 2007 23:46:40 +0000 http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/#comment-144781 I've found this type of solution for the same problem...but it only works fine on Mozilla....I've set the max session time lets say 20 seconds..used alternate session_path /tmp/something..permissions for something chmod a+rw......the user logs is and after 20 secs...has to login again (if he/she stays still on the web page) and it works fine on MOZILLA...but when i use Internet Explorer......the cookie doesent expire....i c the expiration time ends for 1 more day.....confusing$$!!!#$ sry for my bad english...but if some1 knows the solution for this thing pls e-mail me at bobanjovanoski@yahoo.com tnx in advance. P.S. Using sles9 for apache...and remote suse 10 for informix database....it all works sweett on mozilla...pls help me how to solve the session expire time on internet explorer too. I’ve found this type of solution for the same problem…but it only works fine on Mozilla….I’ve set the max session time lets say 20 seconds..used alternate session_path /tmp/something..permissions for something chmod a+rw……the user logs is and after 20 secs…has to login again (if he/she stays still on the web page) and it works fine on MOZILLA…but when i use Internet Explorer……the cookie doesent expire….i c the expiration time ends for 1 more day…..confusing$$!!!#$ sry for my bad english…but if some1 knows the solution for this thing pls e-mail me at bobanjovanoski@yahoo.com tnx in advance.
P.S. Using sles9 for apache…and remote suse 10 for informix database….it all works sweett on mozilla…pls help me how to solve the session expire time on internet explorer too.

]]> By: Learn PHP http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/comment-page-1/#comment-141267 Learn PHP Sat, 22 Sep 2007 02:06:38 +0000 http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/#comment-141267 For security purpose i also to save sessions in database rather than using flat files. Thou you would delete the file when you delete your sessions, but the file will remains readable by any script or human. You could also use memcache lib for storing sessions and cookies. For security purpose i also to save sessions in database rather than using flat files. Thou you would delete the file when you delete your sessions, but the file will remains readable by any script or human.

You could also use memcache lib for storing sessions and cookies.

]]> By: Casey http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/comment-page-1/#comment-139361 Casey Mon, 17 Sep 2007 17:09:49 +0000 http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/#comment-139361 I thought this would fix my problem on our server. I've separated my problem applications into their own folders under php\tmp, and now the session files are being written there, however, two of our sites are still timing out users after only a few minutes. Our gc.maxlifetime is set to 5400 (90 minutes), but the folder change is not working. Anybody have any other ideas here? I've gone through all of my code and raised the maxlifetime to 5400 anywhere I could to know avail. It just seems like garbage collection is finding my files no matter where I put them. Please help! I thought this would fix my problem on our server. I’ve separated my problem applications into their own folders under php\tmp, and now the session files are being written there, however, two of our sites are still timing out users after only a few minutes. Our gc.maxlifetime is set to 5400 (90 minutes), but the folder change is not working. Anybody have any other ideas here? I’ve gone through all of my code and raised the maxlifetime to 5400 anywhere I could to know avail. It just seems like garbage collection is finding my files no matter where I put them. Please help!

]]> By: Sheldon http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/comment-page-1/#comment-127996 Sheldon Wed, 22 Aug 2007 17:01:41 +0000 http://blog.centresource.com/2006/05/23/php-session-lifetime-an-adventure/#comment-127996 How can I set a finite timeout on a PHP session? I want my users to be logged in for 60 minutes regardless of activity/inactivity. I'm toying around with maxlifetime etc, but every time a new page is visited, the session renews itself, thus never expiring. I am using server sessions only, with a defined save_path. I'm presuming it's done using some kind of date comparison function. Many thanks. How can I set a finite timeout on a PHP session? I want my users to be logged in for 60 minutes regardless of activity/inactivity. I’m toying around with maxlifetime etc, but every time a new page is visited, the session renews itself, thus never expiring. I am using server sessions only, with a defined save_path.

I’m presuming it’s done using some kind of date comparison function.

Many thanks.

]]>