
Session lifetime
Greetings.
Faced the problem of killing sessions ahead of schedule. That is, I install. And the session is killed after about 30 minutes. Googled for a long time and carefully. I didn’t google anything that would help. I began to read the manual and found the cause of the problem. It turned out just before dizziness. The site is hosted on a shared hosting and all sessions are stored in / tmp. Accordingly, scripts of other sites clean all sessions according to the set timeout, which by default is 30 minutes. So, in order to avoid such a problem, you need to change the storage location of the sessions - that's all. As an option, you can. It is important that session files cannot be accessed from outside.
Maybe the information is not new, but since I could not find anything in Google, I decided to post it. Suddenly someone will come in handy.
UPD:
The bottom line is that all sessions have a start parameter. When the script starts, php reads the lifetime setting (and the probability of the garbage collector starting) and starts the garbage collector. If the garbage collector stumbles upon a session that has lived longer than specified in the settings, it is deleted. The session file is deleted, and the user’s cookie, of course, remains. Accordingly, if any script is launched with a session time setting of 30 minutes and at the same time it searches for sessions in the same folder where another script places them with a longer time, it will delete ALL sessions, even those that should live longer. For this you need to change the folder.
Here is what the official session manual says:
“If different scripts have different values of session.gc_maxlifetime but share the same place for storing the session data then the script with the minimum value will be cleaning the data. In this case, use this directive together with session.save_path. ”
Faced the problem of killing sessions ahead of schedule. That is, I install. And the session is killed after about 30 minutes. Googled for a long time and carefully. I didn’t google anything that would help. I began to read the manual and found the cause of the problem. It turned out just before dizziness. The site is hosted on a shared hosting and all sessions are stored in / tmp. Accordingly, scripts of other sites clean all sessions according to the set timeout, which by default is 30 minutes. So, in order to avoid such a problem, you need to change the storage location of the sessions - that's all. As an option, you can. It is important that session files cannot be accessed from outside.
ini_set('session.gc_maxlifetime', 120960);
ini_set('session.cookie_lifetime', 120960);
ini_set('session.save_path', $_SERVER['DOCUMENT_ROOT'] .'../sessions/');
Maybe the information is not new, but since I could not find anything in Google, I decided to post it. Suddenly someone will come in handy.
UPD:
The bottom line is that all sessions have a start parameter. When the script starts, php reads the lifetime setting (and the probability of the garbage collector starting) and starts the garbage collector. If the garbage collector stumbles upon a session that has lived longer than specified in the settings, it is deleted. The session file is deleted, and the user’s cookie, of course, remains. Accordingly, if any script is launched with a session time setting of 30 minutes and at the same time it searches for sessions in the same folder where another script places them with a longer time, it will delete ALL sessions, even those that should live longer. For this you need to change the folder.
Here is what the official session manual says:
“If different scripts have different values of session.gc_maxlifetime but share the same place for storing the session data then the script with the minimum value will be cleaning the data. In this case, use this directive together with session.save_path. ”