smashbugs Posted September 21, 2007 Share Posted September 21, 2007 Hi everyone, I have a site where the users log in with their username and password, and it stores their info in a session. If the session variables are not detected, the pages will send them to the login page. For some reason, users are randomly getting logged out after even 20 minutes of inactivity in some cases. I have to figure this out, but I just can't seem to put a finger on it. Here is my phpinfo() on sessions: session Session Support enabled Registered save handlers files user sqlite Registered serializer handlers php php_binary wddx Directive Local Value Master Value session.auto_start Off Off session.bug_compat_42 On On session.bug_compat_warn On On session.cache_expire 180 180 session.cache_limiter nocache nocache session.cookie_domain no value no value session.cookie_httponly Off Off session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secure Off Off session.entropy_file no value no value session.entropy_length 0 0 session.gc_divisor 100 100 session.gc_maxlifetime 72000 72000 session.gc_probability 1 1 session.hash_bits_per_character 4 4 session.hash_function 0 0 session.name PHPSESSID PHPSESSID session.referer_check no value no value session.save_handler files files session.save_path no value no value session.serialize_handler php php session.use_cookies On On session.use_only_cookies Off Off session.use_trans_sid 0 0 The login page, if the username/pass are correct, just sets their info (ex. username and account ID) as a session variable, ex. $_SESSION['user_id']. Pages detect this with isset($_SESSION['user_id']). And I just cannot figure out why some people get logged out. It doesn't happen every time -- for instance, I can leave it up for five hours and still be okay. Any help would be MUCH appreciated. Thanks! Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted September 21, 2007 Share Posted September 21, 2007 is your use of www in your URLs consistent, ie always www.domain.com or always domain.com? Quote Link to comment Share on other sites More sharing options...
smashbugs Posted September 21, 2007 Author Share Posted September 21, 2007 It's a subdomain, so it's always consistent. Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted September 21, 2007 Share Posted September 21, 2007 are you aware of any code that may be overriding session.gc_maxlifetime? Joomla, Zen-Cart, others? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.