I'm using Zend with a session expiration set to 1,800 seconds. I was wondering if this session expiration time refreshes back to 1,800 seconds every time I make a request from the browser to the server on behalf of the user and also when the user loads a new page, or does it just refresh when the user loads a new page?
Asked
Active
Viewed 6,536 times
6
-
2you could set it to 5 seconds and test it. – goat May 20 '12 at 04:34
-
It will likely depend on how your are using the session and what options and configurations you are using. – RockyFord May 20 '12 at 07:15
4 Answers
2
When a user loads a new page, that is the browser making a request to the server on behalf of the user. So the two scenarios you painted above are the same thing.
When a session is started, the session ID is sent to the browser which usually stores it in a cookie. The browser then uses the cookie to pass the session ID to the server with each request to identify the user. The server keeps track of when the session expires and this area can get a little tricky (read How do I expire a PHP session after 30 minutes?)
But as long as you are using the same browser to make the requests, then the session expiration will refresh in the two scenarios you've given.
0
The cookie that holds the session id (and all other cookies originating from the target server) travels alongside every request you make to the server, be it a page refresh or an ajax call.
So yes, the session refreshes upon any interaction with the server.
George Kagan
- 5,913
- 8
- 46
- 50
0
Basically it depends upon many things. Largely upon the browser and the version of the browser. You can read this post : How do I expire a PHP session after 30 minutes?
0
When you do session_start() if it is is the first call, the server saves session information in a file in /tmp folder, and send to your browser a cookie with this file identifier, else the server get cookie identifier and loads the file information. The duration of this cookie by default in php configuration is 30 minutes.
You can increase the time of this cookie in php.ini or manually setting directive with ini_set function or in .htacces file. You only setting the directive session.cookie_lifetime. The values are number of seconds or if set to the cookie are valid until you are close the browser
Another posible solution is make a token system for users, for example you manually sends a cookie to the browser that expires after 2 months width a token (large randomly key, saved in a database table with a user id field). When the session isn't available you check if the cookie exists and you can recreate session login finding a user manually with the cookie token.
David
- 1,116
- 3
- 18
- 32