tags:

views:

1892

answers:

4
+1  Q: 

How long will my session last?

Hi,

Can someone please tell me how long my session will last from the data below? - I'm not sure which one tells me

session.auto_start  Off Off
session.bug_compat_42   Off Off
session.bug_compat_warn On On
session.cache_expire    180 180
session.cache_limiter   nocache nocache
session.cookie_domain   no value no value
session.cookie_httponly Off Off
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure   Off Off
session.entropy_file    no value no value
session.entropy_length  0 0
session.gc_divisor  1000 1000
session.gc_maxlifetime  1440 1440
session.gc_probability  1 1
session.hash_bits_per_character 5 5
session.hash_function   0 0
session.name    PHPSESSID PHPSESSID
session.referer_check   no value no value
session.save_handler    files files
session.save_path   /var/lib/php/session /var/lib/php/session
session.serialize_handler   php php
session.use_cookies On On
session.use_only_cookies    Off Off
session.use_trans_sid   0 0
+2  A: 

This is the one. The session will last for 1440 seconds (24 minutes).

session.gc_maxlifetime  1440    1440
Lukáš Lalinský  2009-10-04 12:21:00
A: 

If session.cookie_lifetime is 0, the session cookie lives until the browser is quit.

EDIT: Others have mentioned the session.gc_maxlifetime setting. When session garbage collection occurs, the garbage collector will delete any session data that has not been accessed in longer than session.gc_maxlifetime seconds. To set the time-to-live for the session cookie, call session_set_cookie_params() or define the session.cookie_lifetime PHP setting. If this setting is greater than session.gc_maxlifetime, you should increase session.gc_maxlifetime to a value greater than or equal to the cookie lifetime to ensure that your sessions won't expire.

Øystein Riiser Gundersen  2009-10-04 12:21:50
Thanks, when I close the browser and open up the page again, I still see the same sessionId?
Keith Donegan  2009-10-04 12:24:39
If your browser was still running, then, yes. The session cookie only expires when the browser application quits.
Øystein Riiser Gundersen  2009-10-04 12:28:58
The cookie yes, but the session itself will expire after 24 minutes without any activity even if you keep the browser open.
Lukáš Lalinský  2009-10-04 12:35:27
That's correct (and something I forgot to mention). I've edited my answer with an explanation of these settings.
Øystein Riiser Gundersen  2009-10-04 12:45:55
It’s not the access time but the moodification time.
Gumbo  2009-10-04 12:51:53
+2  A: 

You're searching for gc_maxlifetime, see http://php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime for a description.

You're session will last 1440 seconds which are 24 minutes (default).

svens  2009-10-04 12:22:41
+14  A: 

In general you can say session.gc_maxlifetime specifies the maximum lifetime since the last change of your session data (not the last time session_start was called!). But PHP’s session handling is a little bit more complicated.

Because the session data is removed by a garbage collector that is only called by session_start with a probability of session.gc_probability devided by session.gc_divisor. The default values are 1 and 100, so the garbage collector is only started in only 1% of all session_start calls. That means even if the the session is already timed out in theory (the session data had been changed more than session.gc_maxlifetime seconds ago), the session data can be used longer than that.

Because of that fact I recommend you to implement your own session timeout mechanism. See my answer to How do I expire a PHP session after 30 minutes? for more details.

Gumbo  2009-10-04 12:48:44

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases