Many thanks again Zoltán. It's working nice now. Best regards holo ""Zoltán Németh"" <znemeth@xxxxxxxxxxxxxx> wrote in message news:1192690500.5742.4.camel@xxxxxxxxxxxx > 2007. 10. 17, szerda keltezéssel 15.10-kor Holografix ezt írta: >> Many thanks Zoltn. >> >> It's clear now >> One more thing: session.cookie_lifetime defaults to 0 (until browser is >> closed). >> if setting session.cookie_lifetime to 60 can I look for >> $_SESSION[session_name()] in every request ? > > why $_SESSION[session_name()]? > I never bother with session_name and stuff like that, just put whatever > I want to store in $_SESSION and voila it's there :) > > about session.cookie_lifetime: if the cookie expires on the client > computer, the browser would not send it, so the server side would not > receive the session ID, so the session data would be lost. that's good > in some cases, but if you leave cookie_lifetime at its default, cookies > expire when the browser is closed. that, combined with a lasttime value > stored in the session, should be enough. > > greets > Zoltán Németh > >> >> best regards >> holo >> >> >> ""Zoltn Nmeth"" <znemeth@xxxxxxxxxxxxxx> wrote in message >> news:1192621838.5342.7.camel@xxxxxxxxxxxx >> > 2007. 10. 17, szerda keltezssel 11.58-kor Holografix ezt rta: >> >> I have some questions about sessions timeout and sessions ini >> >> settings. >> >> >> >> In php.ini I have session.gc_maxlifetime = 30 (for testing purpose >> >> only) >> >> , >> >> session.gc_probability = 1 and session.gc_divisor = 100 (didn't touch >> >> this >> >> values) >> >> >> >> I have two simple pages >> >> >> >> >> >> page1.php >> >> --------- >> >> session_start(); >> >> $_SESSION["test"] = "TEST"; >> >> <a href="page2.php">test timeout</a> >> >> >> >> >> >> page2.php >> >> ========= >> >> session_start(); >> >> if (!isset($_SESSION["test"]) ) { >> >> echo "no session"; die(); >> >> } >> >> print_r($_SESSION); >> >> >> >> >> >> I open page1.php in the browser and only click in the link after >> >> waiting >> >> more than 30 seconds (session.gc_maxlifetime). >> >> After this period what should happen with $_SESSION["test"] in >> >> page2.php? >> >> >> >> In php, session.gc_maxlifetime: ; After this number of seconds, stored >> >> data >> >> will be seen as 'garbage' and >> >> ; cleaned up by the garbage collection process. >> >> >> >> I need to understand this and get a way to automaticly logout a user >> >> after n >> >> minutes of inactivity. >> > >> > session.gc_maxlifetime is not what you are looking for. it works like >> > at >> > every request there is a 1/100 chance >> > (session.gc_probability/session.gc_divisor) that the garbage collector >> > will run. if it runs, and finds session data older than >> > session.gc_maxlifetime, that is cleaned up. >> > >> > in order to achieve what you want you should store a 'last action' >> > timestamp or something like that in the session, and upon each request >> > check how many seconds passed since that timestamp and decide session >> > validity based on that. eg: >> > >> > session_start(); >> > if ($_SESSION['last_action_timestamp'] - time() > $max_lifetime) >> > { >> > // session expired >> > } >> > else >> > { >> > $_SESSION['last_action_timestamp'] = time(); >> > } >> > >> > greets >> > Zoltn Nmeth >> > >> >> >> >> My environment: >> >> Windows XP PRO SP2, apache 2.2.4, php 5.2.4 (apache module), mysql >> >> 5.4.5 >> >> >> >> >> >> Best regards >> >> holo >> >> >> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
