What is the default $_SESSION expiry lifetime?

[colap]

Hi,

 

What is the default $_SESSION expiry lifetime?

 

I have used $_SESSION variables but it is not ending it's lifetime. It looks like it is infinite lifetime, but i didn't configure anything. Where to set session's lifetime, In php.ini files? Or do i have to use ini_set() function at top?

 

Is session_start() written at top of php scripts or ini_set() function?

 

Any help will be highly appreciated.

 

Thanks in advance.

 

 

 

 

 

 

 

 

 

[Ch0cu3r]

Yes, default is set to not expire

 

You can set your own session settings using the php.ini or using ini_set. The following page outlines all the runtime settings for sessions

http://php.net/manual/en/session.configuration.php

 

You will need do this before calling session_start()

 

 

Is session_start() written at top of php scripts or ini_set() function?

session_start() is a function, which you must call at the of all pages that uses sessions.

Edited December 13, 2015 by Ch0cu3r

[colap]

Where is it configured/set to infinite lifetime by default? Which file?

[Ch0cu3r]

In the php.ini

 

You can run phpinfo to see your current php configuration settings

[colap]

From phpinfo(); i see, session=> session.gc_maxlifetime = 1440 , that means 24 minutes. But why is the lifetime is infinite?

[Jacques1]

Sessions are not infinite by default, and there are actually two lifetime settings: The session.cookie_lifetime directive defines how long the session cookie is valid. It's typically set to “0”, which means the cookie is deleted when the user closes the browser. And the session.gc_maxlifetime directive defines how long the session file is considered valid. Note that expired files aren't cleared immediately. The session garbage collector which deletes the files is only executed with a certain probability, so the file may still exist for a while.

 

Both settings together more or less determine the lifetime of the session.