I have researched a few ways to set a "hard" session timeout on a shared server. Does anyone have comments on the advantages/disadvantages of each approach? Are there other alternatives? 1. Override the php.ini settings in an .htaccess file: php_value session.gc_maxlifetime 900 php_value session.gc_divisor 1 php_value session.gc_probability 1 2. Put a "previous request" timestamp into the session, and compare it to the current timestamp on a request. 3. Set a <meta> refresh to a "kill session" script. Will there be a performance hit for all applications on the server under the first method? TIA Kirk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
