Session Fails to Expire

Antony the Awesome · January 21, 2007

Bear with me, I started session yesterday for the first time.

My sessions never expire. The php.ini on my host looks like the default php.ini with the session.gc_maxlife directive the default 1440. My code is as follows below, I put in bold what I found to be the parts that need looking at. What's wrong?
[font=Courier]
__________________________________________________
<?php
[b]session_start();[/b]

$msg="Login successful.";

[b]if($_SESSION['isLoggedIn'] = true) {
header("Location: http://script-dump.freehostia.com/alna/redirect.php?msg=$msg");
}[/b]

$dbServer = "mysql2.freehostia.com";
$dbUsername = "antmas10_rsp";
$dbPass = "thedog";

mysql_connect($dbServer, $dbUsername, $dbPass);
mysql_select_db($dbUsername) or die("Failed to grab database.");

if(isset($_POST['submit'])) {
$username=$_POST['username'];
$pass=md5($_POST['password']);
$result=mysql_query("SELECT username FROM login WHERE username='$username' AND password='$pass'");

[b] if (mysql_num_rows($result) == 1) {
$_SESSION['isLoggedIn'] = true;
header("Location: http://script-dump.freehostia.com/redirect.php?msg=$msg");
}[/b]
}
?>
__________________________________________________
[/font]

Jessica · January 21, 2007

if($_SESSION['isLoggedIn'] = true) {

= is setting it to true. use == to compare.

Ninjakreborn · January 21, 2007

It could be related to your garbage collection. If there are very few people visiting the site, and the garbage collection in the ini file is set to a very, very low percentage, it's going to be very unlikely that it emptys out the sessions at any logical time period. If that is your problem at all.

Antony the Awesome · January 21, 2007

http://script-dump.freehostia.com/phpinfo.php

It's default with session.gc_probability set to 1 and the session.gc_divisor set to 100. That means there is a 1% chance?

[quote]if($_SESSION['isLoggedIn'] = true) {

= is setting it to true. use == to compare.[/quote]
Thanks for pointing that out, I always make that mistake.

Ninjakreborn · January 21, 2007

Honestly, I can't help. I never knew of
session.gc_divisor
or even knew it existed, I just knew of gc probability, I will have to check into that later.

Antony the Awesome · January 21, 2007

I saw it last night but kind of skipped over it.

From PHP.net:
[quote]session.gc_divisor coupled with session.gc_probability defines the probability that the gc (garbage collection) process is started on every session initialization. The probability is calculated by using gc_probability/gc_divisor...[/quote]

http://www.php.net/manual/en/ref.session.php#ini.session.gc-divisor

Ninjakreborn · January 21, 2007

Oh ok, well does increasing it help your initial problem?

Antony the Awesome · January 21, 2007

Free server. I am not sure if they allow me to have my own php.ini. Now, could I use ini_set() to edit the gc probability directive? I know ini_set only works during script execution, but it makes sense in my mind that it would work and I would only need the gc probability directive to be changed during execution.

Ninjakreborn · January 21, 2007

No, unfortunately it wouldn't. The reason it, something like that affects the actual php engine itself, the entire way sessions are handled, I am 90% sure that won't have any affect on it at all, however, since you can't kill the session early, destroy the session manually. Go into where the session "file's" are on the server, and once per week, clear them all out? NEver encountered that type of problem before.

Antony the Awesome · January 21, 2007

I'll see what I can do. Thanks for the help. I'll post back here if I find a solution.

Ninjakreborn · January 21, 2007

When I check your post again I will see if I can help. For now I am going to bed, it's one oclock in the morning, sorry I couldn't help. Do what you can, and post back here, we'll see what we can do to fix your problem.

Goodnight all.

Antony the Awesome · January 21, 2007

Good night, and thanks a lot so far.

I went ahead and tried the ini_set() and set the probability to 100 (100%). My long overdue session was gone when I visited the admin login. Maybe it did work? I'll check back in 24 minutes when my session should be expired again.

Jessica · January 21, 2007

It was the = instead of == :)

Antony the Awesome · January 21, 2007

[quote author=jesirose link=topic=123323.msg509601#msg509601 date=1169359963]
It was the = instead of == :)

[/quote]
Yeah, I think that's what did it. ;)

Antony the Awesome · January 21, 2007

I think that the ini_set() did it. Session has been whiped again.

Ninjakreborn · January 21, 2007

Good, congratulations, I am glad you got the problem solved.

Sign In

Session Fails to Expire

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information