[Pmwiki-users] PHP Sessions / Cookies / Authentication / Cache

Patrick R. Michaud pmichaud
Fri Jun 25 10:41:10 CDT 2004


On Fri, Jun 25, 2004 at 09:30:32PM -0700, Steven Leite wrote:
> According to the PHP documentation, the session.gc_maxlifetime variable
> which is set in the php.ini file can actually be set via a .php script
> using the ini_set( ) function.
> Like so:  ini_set(session.gc_maxlifetime, 2880);
> Which would set it to 48 minutes instead of the default of 24 minutes
> (1440).

Unfortunately, as far as I can tell there's nothing actually stored in
the session files that indicate how long they are to be retained.  Thus,
I think that if there are any other PHP scripts on the system using
sessions and that don't perform an identical ini_set, then when those 
other scripts are run they will clean the session directory using the 
default (1440 seconds) setting and the sessions are lost.  Thus
ini_set doesn't seem to be useful on a system where there may be other
PHP scripts using sessions.

The real answer would be to look at the PHP source.  However, I know
from experience that this problem came up for me for a project I was
contracted to build for a client--nothing I did to change 
session.gc_maxlifetime (from a user account) ever seemed to get 
around the 24 minute limitation and I rebuilt the entire thing using
cookies.  In retrospect I might've tried creating a separate session_save
directory, but the problems with sessions had already cost me many hours
of effort and so I decided to not mess with them at all.

More on the rest later.

Pm




More information about the pmwiki-users mailing list