On Fri, 22 Nov 2002 15:08:31 +0100, you wrote:

>I don't think the session handler checks session expiry - only gc does. I
>haven't checked the PHP sources yet, but I found out that on my development
>server (where we definetely don't have a lot of traffic ;->) session files
>can persist over night, and the session is still available in the
>morning... only when the gc_probability is hit (i.e. at the 100th access),
>the file gets removed. At least with my PHP (4.2.2, RH 7.2).

Then I suppose it's just an added feature of the session handler I am
using.  Maybe the OP should give it a shot, as I use it and I
definitely don't have a problem with expired sessions being
reactivated.  That's not to say that you cannot pass a SID that was
given to you the day before, but all of the data that was associated
with it will be gone using this custom session handler, and it will
effectively be a new session with the same name.  I'm using the MySQL
based session handler which is available here:



PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to