I am trying to increase session timeout time

Question

I am trying to increase session timeout time

I am trying to increase SESSION time so that users do not log out for 12 hours. This is a private site, used only by employees, and the timeout is annoying, and this leads to the loss of partially filled data. According to what I read, the following code should work:

ini_set('session.gc_maxlifetime',12*60*60); ini_set('session.gc_probability',1); ini_set('session.gc_divisor',1); session_start();

but it does not affect. Any thoughts?

thanks

+4

php session-timeout

sdfor Feb 14 '11 at 20:37

source share

6 answers

Marc b · Answer 1 · 2011-02-14T20:54:48+0000

 ini_set('session.gc_probability',1); ini_set('session.gc_divisor',1);

These two commands force PHP to run a script session cleanup for EVERY hit on your site. PHP formula to run gc:

 if (random() < (gc_probability / gc_divisor)) then run_session_garbage_collector() }

You now have 1/1, so there is a 100% chance that the garbage collector will start. Although extending the waiting period is good, you also want to REDUCE the chance that the collector works at all. Otherwise, you force PHP to perform a full scan of ALL session files and parse EACH one, for EVERY hit on your site, to find an odd one or two that might have expired.

Try setting gc_probability to 0 to completely disable the garbage collector.

Also, remember that changing the settings, like you, inside the script using ini_set (), does not change the timeouts / defaults used by OTHER scripts. This script may have a longer timeout and change the likelihood, but if other scripts exceed the default timeout (10 minutes or something else), then they will be happy to make any "obsolete" sessions.

The right place to set the timeout / session cleanup parameters is at the php.ini level, so it applies to all the scripts on the site, and not just to your one script.

Scone · Answer 2 · 2011-02-14T20:42:53+0000

You can try setting session.gc_maxlifetime = 12 * 60 * 60 to the php.ini file. Otherwise, when your script ends, the session.gc_maxlifetime variable will reset every time.

from php.net/ini_set:

string ini_set ( string $varname , string $newvalue )
Sets the value of this configuration parameter. The configuration option will save this new value during script execution and will be restored with the completion of the script.

circusbred · Answer 3 · 2011-02-14T20:42:21+0000

Session cookie may also expire: session.cookie-lifetime

simshaun · Answer 4 · 2011-02-14T20:51:22+0000

I'm not sure that for a "private site" you mean it only on a dedicated server, but if not:

If your temporary session files are stored in the same directory as the tmp files of other sites, it is possible that a lower session time on another website causes garbage collection, which may delete the "private site" session. Depends on server settings. Personally, I have a tmp folder for each client to avoid such things.

Aaron · Answer 5 · 2011-02-14T20:54:49+0000

session.gc_divisor in combination with session.gc_probability determines the probability of the gc process (garbage collection) starting at each session initialization. Probability is calculated using gc_probability / gc_divisor, for example. 1/100 means that there is a probability of 1% start of the GC process for each request. session.gc_divisor by default is 100.

So you do 1/1 - I'm not sure how this will work, but it could be weird behavior.

Faraz babakhel · Answer 6 · 2015-03-27T09:28:18+0000

Hope this helps you. just copy and paste the following code into the web.config file

 <sessionState mode="InProc" stateNetworkTimeout="10" sqlCommandTimeout="30" cookieName="ASP.NET_SessionId" timeout="53200" regenerateExpiredSessionId="false"> <providers><clear/></providers> </sessionState>

I am trying to increase session timeout time

More articles: