Jump to content

Longer sessions

aeroswat

By aeroswat
in PHP Coding Help

 Share

Recommended Posts

aeroswat Advanced Member

aeroswat

Posted
Posted

Does the function session_start() being called refresh my session time? Also is there a way to set a longer expiration of the cookie other than changing the phpini? I'm currently on a shared host and I doubt they'd let me do that. I will be changing to my own server soon but this seems illogical to have to change the ini file to keep a user logged in longer than 10 minutes without activity...

Link to comment
Share on other sites
aeroswat Advanced Member

aeroswat

Posted
  • Author
Posted

Yes. It tells the server that session's in use.

 

setcookie's third parameter is for setting expiration time.

 

In order to set an infinitely long session would i do this before my initial call of session_start()

 

session_set_cookie_params(0, '/', 'sitename.com');

 

Also if you are familiar with javascript/jquery would you mind taking a look at this? My post is getting no love in those forums

 

http://www.phpfreaks.com/forums/index.php/topic,283891.0.html

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

The session cookie lifetime determines how long the session id cookie will remain valid after all instances of the browser is closed. A zero value (the default setting) means "until the browser is closed". A non-zero value means that the session id cookie expiration time will be set to that number of seconds added to the current server's time.

 

A session will exist as long as the browser supplies a valid session id and the corresponding session data file exists on the server.

 

To extend a session, you would either need to periodically 'refresh' the last access time of the session data file (by executing a session_start() statement) to prevent session garbage collection from deleting the session data file or you would need to extend the session.gc_maxlifetime value.

 

On a shared web server where you are using the default/common tmp session.save_path setting, the shortest session.gc_maxlifetime setting of all the scripts running on the server will win. So, you also need to set the session.save_path to be to a 'private' folder within your account's folder tree if you want you session settings to apply only to your session data files.

 

All values affecting the session id cookie or the session data files must be set before every session_start() statement. It is usually best to globally set them in the master php.ini (when you have access to it), in a .htaccess file (when php is running as a Apache Module), or in a local php.ini (when php is running as a CGI application.)

Link to comment
Share on other sites
Mchl Regular Member

Mchl

Posted
Posted

expire

 

    The time the cookie expires. This is a Unix timestamp so is in number of seconds since the epoch. In other words, you'll most likely set this with the time() function plus the number of seconds before you want it to expire. Or you might use mktime(). time()+60*60*24*30 will set the cookie to expire in 30 days. If set to 0, or omitted, the cookie will expire at the end of the session (when the browser closes).

 

        Note: You may notice the expire parameter takes on a Unix timestamp, as opposed to the date format Wdy, DD-Mon-YYYY HH:MM:SS GMT, this is because PHP does this conversion internally.

        expire is compared to the client's time which can differ from server's time.

Link to comment
Share on other sites
ignace Advanced Member

ignace

Posted
Posted

I doubt it. Session's cookie is set by session_start(). I don't know if you can affect it with setcookie(). I guess you should try and see :D

 

Actually I think this could work as is session_set_cookie_params not just a proxy for setcookie?

 

Edit: Works!

 

session_start();
if (!isset($_SESSION['setcookie'])) {
    setcookie(session_name(), session_id(), time() + 86400);
    $_SESSION['setcookie'] = mt_rand();
} else {
    print $_SESSION['setcookie'];
}

 

Ran this script showed nothing (2 cookies were set with same id one to expire upon browser close and one tommorow), closed the browser, open it again ran the script displayed a random number (1 cookie was set to expire tommorow)

Link to comment
Share on other sites
aeroswat Advanced Member

aeroswat

Posted
  • Author
Posted

I doubt it. Session's cookie is set by session_start(). I don't know if you can affect it with setcookie(). I guess you should try and see :D

 

Actually I think this could work as is session_set_cookie_params not just a proxy for setcookie?

 

Edit: Works!

 

session_start();
if (!isset($_SESSION['setcookie'])) {
    setcookie(session_name(), session_id(), time() + 86400);
    $_SESSION['setcookie'] = mt_rand();
} else {
    print $_SESSION['setcookie'];
}

 

Ran this script showed nothing (2 cookies were set with same id one to expire upon browser close and one tommorow), closed the browser, open it again ran the script displayed a random number (1 cookie was set to expire tommorow)

 

Sweet! Thanks much to everyone that helped out!

Link to comment
Share on other sites
ignace Advanced Member

ignace

Posted
Posted

Hmm... I don't think so. It doesn't set the cookie, just sets the values for session_start() to use.

 

Re Edit: Cool! Good work!

 

Is this a bug? Because if I request session_get_cookie_params it says:

 

79623764Array ( [lifetime] => 0 [path] => / [domain] => [secure] => [httponly] => )

 

Using this code:

 

session_start();
if (!isset($_SESSION['setcookie'])) {
    setcookie(session_name(), session_id(), time() + 86400);
    $_SESSION['setcookie'] = mt_rand();
} else {
    print $_SESSION['setcookie'];
    print_r(session_get_cookie_params());
}

 

lifetime 0 would imply the session should close upon browser close.. Altough this may aswell be able to work because the garbage collector has not yet cleaned the session. This last makes most sense and is most plausible.

 

PFMaBiSmAd here or salathe for the correct reason why this works?

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.