tags:

views:

47

answers:

2
+1  Q: 

How do i know what unixtime a php session will expire?

Hi

How do I know how many seconds it will be until a php session expires?

I'm building a web application where users might spend a lot of time typing into big text fields, but for security reasons I still want sessions to time out after a reasonably short period. I want to warn them if their session is about to expire so they can save or take some other action to keep it alive.

Any tips? thanks!

+2  A: 

You can store the expiration time in the database and then display an alert when that is about to happen. Or you could store the expiration time in a cookie value, and then have javascript that constantly checks to see if the session is about to expire.

webdestroya  2010-04-20 04:35:50
thanks for the quick answer: how do i know what the session expiration time is? I've been crawling through the php docs but not had much luck...
Steve  2010-04-20 04:37:53
@Steve where did you look? what page?
Col. Shrapnel  2010-04-20 04:38:57
Do you mean the "default" session expiration time? I think the default would be 1440 determined by `session.gc_maxlifetime` (which would start garbage-collecting the session after 1440 seconds) but the cookie can last for as long as you set it (default is until browser is closed). Look at http://www.php.net/manual/en/session.configuration.php
webdestroya  2010-04-20 04:41:20
http://nz2.php.net/manual/en/function.session-cache-expire.php doesn't seem to tell me what I want. http://nz2.php.net/manual/en/function.session-get-cookie-params.php offers the cookie_lifetime, which defaults to "0" (meaning when the browser is closed). I want to know roughly what unixtime the server is going to invalidate any given session.
Steve  2010-04-20 04:42:33
Well you would just have to do simple sums to figure it out, something like `time()+1440` for whenever the session is created.
webdestroya  2010-04-20 04:43:45
@webdestroya: yes, of course. I'd spotted gc_maxlifetime but skipped over it because of the gc_probability and gc_divisor. Silly me. Looks like this is the number i needed. I knew the default was roughly 20 minutes...
Steve  2010-04-20 04:46:54
@steve every time your server involved, it is max value of session.gc_maxlifetime. and session_cache_expire is quite different value, it's another matter.
Col. Shrapnel  2010-04-20 04:46:57
@webdestroya: thanks so much for your help: i upvoted your comment and answer. I wish I could give two ticks... one for you and one for Col Shrapnel...
Steve  2010-04-20 04:54:39
@steve thanks for the upvote :) glad to help out
webdestroya  2010-04-20 04:56:33
+2  A: 

that's very easy. you have always session timeout left, which is 1440 seconds by default. to get actual value you can use

$seconds=ini_get('session.gc_maxlifetime');

but there is another way, better one. if your application get a text after session expired, save this text into session, ask for the password, and then save the text as if it was the regular submit.

Col. Shrapnel  2010-04-20 04:37:24
Thanks. Elegant solution re saving text into the session and re-authenticating
Steve  2010-04-20 04:52:43

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases