What exactly happened?
I don't know the undergoing so I can't understand how session_set_save_handler() actually works.
views:
134answers:
2
+1
A:
Session timeout is declared in php.ini
If you can edit the php.ini, change:
session.gc_maxlifetime 72000
If you cannot edit the php.ini, put this in your .htaccess file:
php_value session.gc_maxlifetime 72000
That should allow the session to "live" for at least 20 hours (72,000 seconds), even without any activity.
If that doesn't work, and you're on a shared host, it could be that the host empties the session directory on a periodic basis. Do your sessions all die after a pre-determined amount of time? (i.e. 10 mins?) If that's the case, you could move your sessions into the database using a custom session handler.
lo_fye
2009-11-23 16:05:40
The session timeout happens when no request,I wonder how can something be done when there is no request?
Mask
2009-11-23 16:13:41
I'm still confused how what you're asking about session timeouts has *anything* to do with what you're asking about session save-handlers.
delfuego
2009-11-23 16:49:20
A:
Most people would think session.gc_maxlifetime defines the session’s lifetime.
But that’s not quite correct. session.gc_maxlifetime is only the lifetime after that the garbage collector of PHP’s session implementation assumes the session to be expired. But the garbage collector is only called with a chance of 1% (default settings). So it’s very probable that the session might be used though it is already expired.
The best would be if you implement a session timeout mechanism on your own and register it with session_set_save_handler. It should test if the current session is still valid and invalidate it immediately if it’s expired.
See my response to How do I expire a PHP session after 30 minutes? for further details.
Gumbo
2009-11-23 16:53:18