Re: [PHP] session.gc_maxlifetime
- Original Message - From: Shaw, Chris - Accenture [EMAIL PROTECTED] To: Gustav Wiberg [EMAIL PROTECTED]; PHP General php-general@lists.php.net Sent: Friday, September 09, 2005 7:21 PM Subject: RE: [PHP] session.gc_maxlifetime -Original Message- From: Gustav Wiberg [mailto:[EMAIL PROTECTED] Sent: 09 September 2005 14:40 To: PHP General Subject: [PHP] session.gc_maxlifetime * This e-mail has been received by the Revenue Internet e-mail service. * Hi there! This setting... session.gc_maxlifetime can only be set in php.ini Default = 1440 = 24 minutes is the time before a cookie expires? Is this right? I don't have access to php.ini because it's not my server (it's my webhost) What's the solution to that? I want the cookie to last as long as set inte setcookie... Please help... I'm a little confused here... Surely it is: session.cookie_lifetime: specifies the lifetime of the cookie in seconds which is sent to the browser. The value 0 means until the browser is closed. Defaults to 0. Also, I thought you could use ini_set to change your php.ini configuration for your current script. But I could be wrong... Did I miss read the manual? This message has been delivered to the Internet by the Revenue Internet e-mail service * -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.344 / Virus Database: 267.10.19/93 - Release Date: 2005-09-08 Hi again! Yes, I were able to change with ini_set... I wrote it like this... Is it good? or bad? ini_set('session.cookie_lifetime',2147483647); I wrote that code in a script... But that won't effect the server configruation would it? Because when I try to get values from phpinfo() then 'session.cookie_lifetime' is still 0. How do I know that it works? Is there any way of viewing the new value? /G http://www.varupiraten.se/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] session.gc_maxlifetime
-Original Message- From: Gustav Wiberg [mailto:[EMAIL PROTECTED] Sent: 09 September 2005 14:40 To: PHP General Subject: [PHP] session.gc_maxlifetime * This e-mail has been received by the Revenue Internet e-mail service. * Hi there! This setting... session.gc_maxlifetime can only be set in php.ini Default = 1440 = 24 minutes is the time before a cookie expires? Is this right? I don't have access to php.ini because it's not my server (it's my webhost) What's the solution to that? I want the cookie to last as long as set inte setcookie... Please help... I'm a little confused here... Surely it is: session.cookie_lifetime: specifies the lifetime of the cookie in seconds which is sent to the browser. The value 0 means until the browser is closed. Defaults to 0. Also, I thought you could use ini_set to change your php.ini configuration for your current script. But I could be wrong... Did I miss read the manual? This message has been delivered to the Internet by the Revenue Internet e-mail service * -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] session.gc_maxlifetime
Also, I thought you could use ini_set to change your php.ini configuration for your current script. But I could be wrong... Did I miss read the manual? ini_set() can be used to change *some* settings. Some items that are configured in php.ini come into play before the script is parsed, and so ini_set() can't affect those. Kirk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session.gc_maxlifetime?
Suhas wrote: Hello, I just want to make sure that I understand this concept. When i read thr' docs, session.gc_maxlifetime specifies the number of seconds after which data will be seen as 'garbage' and cleaned up and default value is 1440. My guess is : A. 1440 seconds from last visit to the page (where session id is used), B. 1440 seconds from session_start() function call C is correct - 1440 seconds from session_write_close(), either called explicitly by your script or implicitly when your script ends. But it happens not long after session_start(), so you might consider it the same. My general understanding is a session can be idle for 1440 seconds. If a php page tried to refer to a session which is been idle more than 1440 seconds, there is very little chance that page will access to session data. You are right -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Session.gc_maxlifetime?
This is my understanding; When you use session_start(); in your script it sets a condition that will cause a session write of the contents of the $_SESSION array to the session repository (by default a file whose name contains the session ID) when the script has ended. At that time the record timestamp (file last modified date/time) should be modified or reset to the current time. To answer your question below, I believe technically the timestamp is very close to the script end time for a script containing a session_start() call (not the actual time of the session_start() call is executed). Periodically the gc (garbage cleanup) process is invoked, at which time all sessions whose timestamp is checked to see how old they are and if they precede the current timestamp minus the gc_maxlifetime value, they are to be removed from the repository. Notice that the processing above is accomplished when the script has ended (sent it's last output to the browser). By invoking the gc process at this time it never has a direct impact on the response time or the users experience, unless they are awfully fast with the mouse. I have in the past found that the GC routines are not invoked every invocation of a script, but rather a probability factor causes the GC routine to be invoked on only some percentage of the calls to session start to avoid adding needless load to the server (i.e. say 10% of all script executions may trigger a call to the GC routine). To offset this I had to make sure that when session_start() retrieved old session values (session_read), I had to add checks to make sure I wasn't reading an old session that had expired but had just not been cleaned up yet. You can learn a lot about sessions by coding and testing your own session_handler routines; http://www.php.net/manual/en/function.session-set-save-handler.php There are lots of other good tutorials in books on php programming. Warren Vail -Original Message- From: Suhas [mailto:[EMAIL PROTECTED] Sent: Monday, October 04, 2004 9:30 AM To: php-general Subject: [PHP] Session.gc_maxlifetime? Hello, I just want to make sure that I understand this concept. When i read thr' docs, session.gc_maxlifetime specifies the number of seconds after which data will be seen as 'garbage' and cleaned up and default value is 1440. My guess is : A. 1440 seconds from last visit to the page (where session id is used), B. 1440 seconds from session_start() function call My general understanding is a session can be idle for 1440 seconds. If a php page tried to refer to a session which is been idle more than 1440 seconds, there is very little chance that page will access to session data. Can any one please explain or send links or more docs on this? Thanks in adv, Suhas -- Suhas Pharkute. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session.gc_maxlifetime?
From: Suhas [EMAIL PROTECTED] My general understanding is a session can be idle for 1440 seconds. If a php page tried to refer to a session which is been idle more than 1440 seconds, there is very little chance that page will access to session data. Not quite. As long as a session file exists that matches the session ID passed to the page, it'll load the data. This occurs even if the session file is older than the maxlifetime limit. Here's how this works. By default, there is a 1% chance that a visit to a page with session_start() will trigger garbage collection. _IF_ garbage collection is triggered, it'll look in the session directory and delete session files that older than the maxlifetime setting (using the last access time, i think). If a request is made for a session ID whose matching file has been deleted, then the file is just created again, empty. Since garbage collection is triggered randomly, some session files can live for over the maxlifetime setting. If you have low traffic to your site, the 1% chance of triggering garbage collection may only occur every couple hours. So session lifetime will effectively be anywhere from 1440 seconds to hours. If you have a high-traffic site, then the lifetimes stay around the maxlifetime limit and only go over slightly. If you want to ensure sessions are timed out at a set time, then store the time the session is created within the session itself, check it upon each access for a time out, and update the time upon each user action. I prefer the good enough solution of garbage collection, though, since most programs don't require a hard time out value. ---John Holmes... UCCASS - PHP Survey System http://www.bigredspark.com/survey.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session.gc_maxlifetime
Hello Jeff, Thursday, March 25, 2004, 2:40:04 PM, you wrote: JS I'm just wondering about this setting for the Session management JS functionality. To wit, will the session timer keep getting 'reset', so JS that as long as a user is still accessing my site, the session doesn't JS expire? Or will the session 'die' after the amount of time specified by JS this setting, regardless of whether they have recently accessed the site? The session is reset each time they load another page on your site that uses it (providing they didn't close their browser and/or wait too long), so yes - you are correct :) -- Best regards, Richard Davey http://www.phpcommunity.org/wiki/296.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] session.gc_maxlifetime
It depends on your requirement. For me 1440 sec is too short. I'll set it to little over 1 hour because login timeout is 1 hour. If you have login/logout system using session, the value better to be larger than login timeout. Regards, PS: You might want to set gc probability around 10%. Depends on your requirement, though. -- Yasuo Ohgaki ""Peter Houchin"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... what is the standard with setting the amount of time in session.gc_maxlifetime it has defaulted to 1440 (24 mins) is that considered long enough? Peter Houchin [EMAIL PROTECTED] = _ __ /\ /_/_/_\/ |_/ \ /_/_/___ __ __ __ / \ \_/_/_\ /_/ /_/ /_/ /_/ \ _ / ___\_\_\/ /_/_/_/ /_//\/_/\_/ \/\_/ \_//_/_/ /_/_/_/ /_/ \/_/v /_/_/_/_/ /_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ /_/_ _/_/ __ __ __ /_/ __ __ /_/_/_/_/ /_/_/_/ /_/ /_/ /_/ /_/\_\/_//_/_/_/ /_/ \_\ /_/ _/ /_//\/_/ /_/ /_/__\_\ /_/___ _\_\_\ /_/\_\/_/_/_/ /_/ \/_/ /_/ /_/\_\/_/_/_//_/_/_/ = Telephone : (03) 9329 1455 Facsimile : (03) 9329 6755 * We rent the dot in .COM! ** -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]