envexlabs Posted April 2, 2009 Share Posted April 2, 2009 Hey, I use sessions to deal with user logins but if the user chooses not to be remembered the session times out quickly. This is what it says under sessions in phpinfo session.cache_expire 180 180 session.gc_maxlifetime 1440 1440 The maxlifetime is set to 24 minutes, so i'm not really sure why they are releasing so soon. Anyone have any other ideas? Should i just increase these values? Thanks, envex Quote Link to comment Share on other sites More sharing options...
redarrow Posted April 2, 2009 Share Posted April 2, 2009 can we see code please, be any think in the world. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted April 2, 2009 Share Posted April 2, 2009 session.cache_expire has absolutely nothing to do with how long a session lasts. A session will exist as long as the browser provides a session id and the corresponding session data file exists on the server. Are you on a shared web server and what does a phpinfo() statement show for your session.save_path? Quote Link to comment Share on other sites More sharing options...
envexlabs Posted April 3, 2009 Author Share Posted April 3, 2009 session.cache_expire has absolutely nothing to do with how long a session lasts. A session will exist as long as the browser provides a session id and the corresponding session data file exists on the server. Are you on a shared web server and what does a phpinfo() statement show for your session.save_path? Hey, We are on MediaTemple (gs) which is a shared server. session.save_path: no value Am i going to have to set a folder and path for the sessions to be saved? Thanks for the help! Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted April 3, 2009 Share Posted April 3, 2009 The server is using the default tmp folder for all the session data files. The shortest session.gc_maxlifetime of all the scripts running on the server wins and some fool has probably set his to 5 minutes in a misguided attempt to control logout using session garbage collection. You need to set the session.save_path setting (before every session start, ideally in a .htaccess file or a local php.ini) to be to a private folder within your account's folder tree. The preferred location is a folder outside your document root folder. If that option is not available and you must put the folder inside your document root folder, you should also put a .htaccess file in it that prevents all http/https access to the files. Quote Link to comment Share on other sites More sharing options...
envexlabs Posted April 3, 2009 Author Share Posted April 3, 2009 Thanks, i will look into that this morning. I know i have access to the main root, which is outside where alll my servers are held. I'll just make a tmp folder in there! Thanks again! envex (matt) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.