Jump to content

Session Timeout


xcandiottix

Recommended Posts

Just got done checking out php.net and want to make sure I understand this right. My code is as follows on a sign in page:

session_save_path("/tmp/");
session_set_cookie_params(600,'/','.site.com');
session_start();
session_register('active');
session_register('user');

 

Does this mean that the cookie set on the server expires in 600 seconds? When I view the cookies on my browser it says they wont expire until I close my browser (chrome). I'd like the cookie on the client machine to expire as well.

 

Also, on the user page I have this:

session_save_path("/tmp/");
session_set_cookie_params(600,'/','.site.com');
session_start();

 

Will this renew the session/cookie to a new 600 second expire?

 

Thanks

 

 

Link to comment
https://forums.phpfreaks.com/topic/207555-session-timeout/
Share on other sites

the cookie set on the server expires in 600 seconds?

 

Cookies don't exist on the server.

 

If you cannot see a matching cookie in your browser, it means you already have one set by the same name that matches your domain/localhost and you need to delete it before your new settings take effect and/or the code you posted is outputting something before the session id cookie and is not really setting the session id cookie.

 

The first parameter in the session_set_cookie_params() is the life time of the session id cookie after you close the browser. If you want the session id cookie to be deleted when the browser is closed, you need to use a zero value.

Link to comment
https://forums.phpfreaks.com/topic/207555-session-timeout/#findComment-1085167
Share on other sites

What is the file that's actually stored on the server called? Is it just called the "session" file? (just curious)

 

Now, you say that the first value is the amount of time the cookie exists AFTER the browser closes? Some of the documentation on php.net said the session could expire without a page refresh which to me says that the cookie or session may expire due to inactivity.

 

Also, can you comment on whether my second page code will refresh the session time limit correctly?

 

Thank you for your time.

Link to comment
https://forums.phpfreaks.com/topic/207555-session-timeout/#findComment-1085168
Share on other sites

The file would generally be referred to as the session data file.

 

The session data file can be deleted by the session garbage collection, having nothing to do with the browser.

 

The second code will update the last accessed time of the session data file, which will affect what session garbage collection does.

 

------

 

A session consists of two parts. The session id from the browser and the corresponding session data file on the server. As long as both pieces exist, the session will exist.

Link to comment
https://forums.phpfreaks.com/topic/207555-session-timeout/#findComment-1085170
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.