session timout after 10 days.

[zohab]

Hi,

 

In my site when user login then username and password stored in session

and if user does not close browser and be login in the site

 

If my session is timeout then user will be logout .

 

I want to set session timeout to be 10 days

 

after 10 days session will be timeout

 

 

[Bricktop]

Hi zohab,

 

Are you using cookies?  Can you post the releavnt code?

 

Thanks

[zohab]

Hi Bricktop ,

 

I am using session.

I have to do the settings in php.ini file through ini_set function

 

but which one?

 

ini_set('session.gc_maxlifetime',30);

ini_set('session.gc_probability',1);

ini_set('session.gc_divisor',1);

ini_set('session.cache_expire ',180);

 

[Bricktop]

Hi zohab,

 

Set your code to read:

 

ini_set('session.gc_maxlifetime',864000);
ini_set('session.gc_probability',1);
ini_set('session.gc_divisor',1);
ini_set('session.cache_expire ',180);

 

864000 is 10 days in seconds.

 

Hope this helps.

[zohab]

Hi Bricktop ,

 

Thanks 

[Bricktop]

Hi zohab,

 

Just re-read your orginal post, the 'session.gc_maxlifetime' parameter is not used to set session timeouts, it's the Garbage Collection timeout for session file deletion.  I thought this is what you meant when I first read your post, sorry about that!

 

You will need to use the session.cookie_lifetime parameter for what you're asking, i.e.:

 

ini_set('session.gc_maxlifetime',30);
ini_set('session.cookie_lifetime', 864000);
ini_set('session.gc_probability',1);
ini_set('session.gc_divisor',1);
ini_set('session.cache_expire ',180);

 

Hope this helps.

[PFMaBiSmAd]

You need to set both the session.gc_maxlifetime and the session.cookie_lifetime to the longer value, because you need both the session data file on the server and the matching cookie from the browser in order to resume a session.

 

If you are on a shared web server and you are using the default tmp folder for the session save path, you must also set the session save path to a private folder within your account's disk tree. When you use the default tmp folder on a shared web server the SHORTEST session.gc_maxlifetime setting of all the scripts of all the accounts running on the web server will WIN and cause you session data files to be deleted when garbage collection runs. When you set the session save path to be to a private folder, you session data files will only be affect by your session settings.

 

You must also set your session settings before EVERY session_start() statement or the master values in the php.ini will be used. It is best to globally set them in a .htaccess file (when php is running as an Apache Module) or in a local php.ini (when php is running as a CGI application.)

 

Session variables are intended to be used for one single browser session. For a "remember me" type of login, you should actually use cookies to save a unique identifier, not a session.

[zohab]

Great Help.

 

Thanks