php how to preserve session state for prolonged period of time? troubles...

Question

I'm having trouble preserving session state for a prolonged period of time. I use sessions to preserve login state. I require the below snippet of code at the top of each of my pages before any other code. First off, is there any settings I'm missing?

session_cache_expire(2880); //set session to expire in 48 hours 
session_start();

Some people are logged out before the 48 hour expiration time. What types of things could cause this? I know closing the browser kills the session and this is not the case.

As far as I can tell it happens when the user is inactive for several hours or more.

Users are never logged off while actively browsing the site.

What gives?

Answer 1

That only affects how long the browser caches session pages for.

Try setting the gc_maxlifetime variable (value is in seconds):

ini_set("session.gc_maxlifetime", "172800");

Answer 2

session_cache_expire only effects HTTP cache expiration time. What you want to do is use cookies to set your session data.

The following is an example I have used for login/logout sessions.

<?php

session_start();

if ($action == "logout") {
  setcookie('sId', '', time()-60*60*24*365); //set sId cookie to expire

  session_destroy();
} else if (empty($_SESSION['sId'])) { //if cannot get sId from session
  if (isset($_COOKIE['sId'])) { //check if sId is in cookie
    $sId = $_COOKIE['sId'];
  } else { //get a new sId and set to cookie
    $sId = session_id();
    setcookie('sId', $sId, time()+60*60*24*365);
  }

  $_SESSION['sId'] = $sId; 
} else { //get sId from session
    $sId = $_SESSION['sId'];
}

?>