Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    Senior Coder NancyJ's Avatar
    Join Date
    Feb 2005
    Location
    Bradford, UK
    Posts
    3,174
    Thanks
    19
    Thanked 66 Times in 65 Posts

    session.gc_maxlifetime

    is session.gc_maxlifetime maximum session length or maximum inactivity?
    I'm pretty sure in ASP sessions lengths were determined by inactivity, ie if you kept active and doing stuff then you stayed logged in - indefinately.
    However, I'm not so sure in PHP.

    On one of our sites we're having a problem that sessions are timing out in the middle of people doing stuff. Obviously this is a big problem because all the work that they were doing is then lost and they're faced with a login screen. The session.gc_maxlifetime is set to the default 1440s which should be long enough (if session length is determined by inactivity) but thats not seeming to be the case. I can be right in the middle of doing sometihng and get logged out - other times I can go away for ages and come back and still be logged in - its very frustrating and we're getting complaints from the marketting department

  • #2
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,044
    Thanks
    2
    Thanked 316 Times in 308 Posts
    The session.gc_maxlifetime only sets the age of the session files that will be deleted when garbage collection runs.

    If you have a busy web site with a lot of sessions being created, garbage collection will run based on session.gc_probability/session.gc_divisor. Despite this being called "probability" I tested this and it is strictly a count. Using the default gc_probability/gc_divisor of 1/100, this means that garbage collection will run every 100 new sessions (Edit: Actually this occurs within the session_start() coding and would count re-started sessions as well) and delete any existing session files that are older than the session.gc_maxlifetime. There is no file locking on the session files, so active session files will be deleted and things like users getting logged out will occur.

    If this is on shared hosting and the session files are all kept in the default location and someone else is using a smaller session.gc_maxlifetime or a more frequent gc_probability/gc_divisor, then any of the session files will get deleted based on the lowest value of gc_maxlifetime and the most frequent gc_probability/gc_divisor.

    You need to increase session.gc_maxlifetime or make session.gc_divisor larger and if this is on shared hosting, set session.save_path to be a location within your web space.
    Last edited by CFMaBiSmAd; 10-25-2006 at 06:37 PM.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #3
    Senior Coder NancyJ's Avatar
    Join Date
    Feb 2005
    Location
    Bradford, UK
    Posts
    3,174
    Thanks
    19
    Thanked 66 Times in 65 Posts
    cheers


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •