PHP: first introduction to the garbage collection

    I recently encountered a small problem: the data from the session randomly disappeared when a session was idle for more than 24 (as it turned out later) minutes.

    Here is what the manual told me:
    Expired sessions are not actually destroyed immediately after 24 minutes. Here's how it all happens: at the beginning of every request that uses a session (due to a preliminary call to the session_start () function or setting session / auto_start to on ), there is a 1% chance that the PHP interpreter will scan all sessions on the server and delete any expired sessions. The “1% chance” regarding a computer program sounds completely unpredictable. The way it is. But such unpredictability improves overall performance. An intensively working site, busy at the beginning of the execution of each request with the search for expired sessions in order to delete them, will consume too many server resources.

    This explains the “randomness” of the deleted data.
    But how to solve this problem, because in my project the downtime can easily be more than 24 minutes.

    Again we turn to the manual:
    The session.gc_maxlifetime configuration directive controls the setting of the maximum idle time between requests during which session activity is maintained. Its default value is 1440 - just that many seconds in 24 minutes. You can change the value of session.gc_maxlifetime either by setting the server configuration, or by calling the ini_set () function directly from the program. A call to this function must take place before a call to the session_start () function .

    Ok, now everything is clear with this, but I still want to learn more about this unfortunate 1% probability. Is there any way to change this value if the project requires different logic regarding the session data?
    Do not rely on a 1% probability if you want to delete an expired session for sure. The session.gc_probability configuration directive sets the percentage of probability of starting the "delete obsolete sessions" routine at the beginning of request processing. To start this process at the beginning of processing each request, the value of the directive is set to 100. As well as in the case of session.gc_maxlifetime , a call to the ini_set () function to change the value of session.gc_probability must take place before a call to the session_start () function .

    But, we remember that if you set the probability value to 100, then before each request a search for outdated sessions will be carried out, which can greatly affect the performance and make the server bend well.

    In my case, I only need to increase the downtime before deleting the session data so that the data I need is not erased. Perhaps if you need more stringent work with session data in your project, you will have to find the ideal ratio of probability and downtime.

    I hope this information is useful to someone ...

    Link to the “manual” mentioned above:


    On my own, I would like to add about the session.gc_divisor directive that was not considered in this “manual” . By default, it is 100, and it turns out that the value of session.gc_probability really matches the% probability. In fact, the probability is calculated as: gc_probability / gc_divisor . Those. with values:
    gc_probability = 1
    gc_divisor = 1000
    The probability is already not 1%, but 0.1% .

    It should be noted that most hosting providers in Russia (in order to reduce the load on their servers) set this ratio: 1/1000, which gives a very small chance that after 24 minutes (by default) the data will still be deleted. Take note if you need to configure your application to work harder with session data.

    Also popular now: