[SOLVED] Sessions that just don't die!

[DamienRoche]

I have created a session. Yet I can turn off my comp!!- come back, and the session is still there?? I'm still logged in.

 

How do I set a timer on a session? I know they have a default value but mine obviously isn't working. Can I just set a timer for a *SPECIFIC* session?

 

Many thanks.

 

Damien.

[Stooney]

I'm not completely sure how sessions work as far as how long they last, but it could be a browser issue.  Maybe your browser keeps it alive?

[PFMaBiSmAd]

So, have you read the session handling section in the php manual? It explains how a session works using default settings and it lists what setting would make it possible for a session to persist after the browser is closed or a computer is turned off.

[chronister]

http://us3.php.net/manual/en/function.session-cache-expire.php

[DamienRoche]

So, have you read the session handling section in the php manual? It explains how a session works using default settings and it lists what setting would make it possible for a session to persist after the browser is closed or a computer is turned off.

 

This is exactly why I don't get anywhere.

 

I have checked the link below about session cache expire. Yet I have also been advised to use ini_set('session.gc_maxlifetime', #number);

 

So which is better? considering the ini sets the value just for that script, does one not make the other obsolete?

 

I wish I had the time to read the entire documentation about every question I have about php. But all I can do is search Google,and the documentation, and if I can't get my head around it, come here. I thought that was why this board exists?

 

Thanks for the input any way!

 

 

[DamienRoche]

Here is what I have tried:

 

<?php ini_set('session.gc_maxlifetime', 10); session_start(); 
echo "session should expire in ".ini_get("session.gc_maxlifetime"); 

///code goes on.

 

The output is session should expire in 10

 

But the session doesn't expire in 10(seconds, I'm assuming.)

 

Any advice?

[redarrow]

 

try this mate as one page

 

test_session.php

<?php session_start();

$_SESSION['redarrow']="I am a  active session";

if($_SESSION['redarrow']){

echo " ".$_SESSION['redarrow']." of redarrow<br><br> 

<a href=' ".$_SERVER['PHP_SELF']."?cmd=go' >Press to delete session</a> ";

}

if($_GET[cmd]=="go"){

unset($_SESSION['redarrow']);
session_destroy();

echo "My session >".$_SESSION['redarrow']."<  was destroyed";
}

?>

 

 

[DamienRoche]

That code works fine but I'm trying to make a session expire on a time, not user input.

 

Thanks any way!- I can certainly use that elsewhere.

[redarrow]

well tell the truth each browser kills sessions diffently what browser u got mate......

 

[chronister]

Here is what I have tried:

 

<?php ini_set('session.gc_maxlifetime', 10); session_start(); 
echo "session should expire in ".ini_get("session.gc_maxlifetime"); 

///code goes on.

 

The output is session should expire in 10

 

But the session doesn't expire in 10(seconds, I'm assuming.)

 

Any advice?

 

the 10 is minutes.

 

From example 1 in the link I gave ya.

<?php

/* set the cache limiter to 'private' */

session_cache_limiter('private');
$cache_limiter = session_cache_limiter();

/* set the cache expire to 30 minutes */
session_cache_expire(30);
$cache_expire = session_cache_expire();

/* start the session */

session_start();

echo "The cache limiter is now set to $cache_limiter<br />";
echo "The cached session pages expire after $cache_expire minutes";
?>

 

 

I wish I had the time to read the entire documentation about every question I have about php. But all I can do is search Google,and the documentation, and if I can't get my head around it, come here. I thought that was why this board exists?

 

You don't need to read the entire documetation. I have only hit a fraction of the manual, but that is the first place to look when you have a question about how something works.

 

This board exists to help and assist in learning, not to solve the problems for you. Many people have come away from this board frustrated because they want us to do it for them and they don't want to learn. Don't be that person

[redarrow]

you can exspire a session with mktime or any date php function...

 

you can also use a cron to point to a page to kill sessions .........

 

there meny ways not just the session way mate do what best for u.........

 

 

@@@@@@@'''

 

chronister ur code kills all the session's best kill indevigal sessions mate............

 

ur killing every session php.ini provides the user might have

meny php scripts running u just cost him money !!!!!!!!

[PFMaBiSmAd]

A session is just a container. Do not rely on the absence of a session id from the browser or session garbage collection to log someone out. You should only rely on a value stored on your server (ideally in a database) to determine if someone is logged in or how long ago they were last active if you want to automatically log them out.

 

How do I set a timer on a session?

You store the datetime of the last page request and your code checks on the next page request if the last datetime is longer in the past than a limit you pick (typically 10-20 minutes is used.)

 

The session cache expire has nothing to do with how long a browser will keep a session id. Please read the user contributed note(s) at the php.net manual link that chronister posted - http://us3.php.net/manual/en/function.session-cache-expire.php#81265

 

The purpose of session garbage collection (GC) is to delete old unused session data files. GC runs randomly (unless you also set the correct parameters to cause it to run every session_start().) Setting session.gc_maxlifetime to a short value on a busy shared server will just cause every session to prematurely end, preventing sessions from being used for any other purpose.

 

 

 

[DamienRoche]

"

This board exists to help and assist in learning, not to solve the problems for you. Many people have come away from this board frustrated because they want us to do it for them and they don't want to learn. Don't be that person

"

 

HA! that is honestly joke, yeh? Id on't expect anyone to do anything for me. Jesus I'm doing this TO LEARN. It's not like I'm doing work for someone and have come here because the boneheads here will do it for me!

 

In fact, while were on this. I don't know how you can jump on me for that. There was a guy the other day who submitted 1000 lines of code and got over 20 replies with people helping...surely that wasn't for educative purposes...?

 

Oh, and from the same page:

The manual probably doesn't stress this enough:

** This has nothing to do with lifetime of a session **

Whatever you set this setting to, it won't change how long sessions live on your server.

This only changes HTTP cache expiration time (Expires: and Cache-Control: max-age headers), which advise browser for how long it can keep pages cached in user's cache without having to reload them from the server.

 

Thanks for the input guys. As I've said I just want to set a session to expire. I used ini_set and that doesn't work...yet it should. As stated above, I've even echoed the settings and it says 10. I ahve also tried 1 yet it doesn't expire after 1 minute. Maybe there is a min setting.

 

I'm sorry to be so confrontational. It's just I don't appreciate being tarnished with the same brush as so many others that obviously come here just looking for people to do their work for them.

 

No hard feelings. I like this board. I like this community.

 

I'll try what PFM advised above, sounds like that's the best way to go.

[redarrow]

Here a example off a really easy time function destroying a session..............

 

<?php session_start();

$_SESSION['redarrow']=" <br><br> I am a  active session the time now is less then the set time!";

$time_now=time();

echo  " Time now $time_now";

echo "<br>";

$set_time=time()+3;

echo "Set time  $set_time";


if($set_time > $time_now){

unset($_SESSION['redarrow']);

session_destroy();

echo "<br><br> this session >>".$_SESSION['redarrow']."<< was destroyed via set time";

}else{

echo $_SESSION['redarrow'];
}
?>

[chronister]

DamienRoche,

 

Yes it was meant as more of a joke. Hence the smiley. If you appeared to just want someone to do it for you, then the thread would not have this many posts with folks like redarrow & PFMaBiSmAd helping. They have been around the block a few times on this forum.

 

I am not a dick, I promise. I am here to learn and help as well. I don't claim to know everything about php/mysql and such. I am far from an expert on these things. I make suggestions based on my knowledge and then folks like redarrow show me where there may be a problem with the solution.

 

I like being corrected. It helps me learn while trying to help others.

 

If you felt like I was jumping your ass, then I am sorry as that was not the intention. Sometimes sarcasm is hard to convey through text.

 

Nate

[redarrow]

look the truth is chronister needs u to no, that php.net manual is ur best friend that all.......