0

I just use Session Variables in my code. I do not start any activity with cookies. I just do session_start() and do the manipulation of the variables. But at the end of some time (about 30 minutes) the session goes down. If I do print_r ($ _ SESSION) the session is in void.

I've tried set session.gc_maxlifetime to 7200 (2 hours), but the session is destroyed in less than 30 minutes again.

How can I resolve this? It's normal? Should the session not only be destroyed if I close the browser or give the statement/instruction to session_destroy?

Edgaras
  • 404
  • 2
  • 16
  • 1
    As the default lifetime is 24 mins. I would guess that you have changed the wrong `php.ini` file. There are normally 2 one for use of PHP under Apache and one for the CLI. Do a quick page with just `` and check where your real `php.ini` file is located and make sure you are changing the right one – RiggsFolly Aug 03 '17 at 15:08
  • Moreover, in the `phpinfo()` output, you can actually see what the configured value for `session.gc_maxlifetime` is under the `session` section. – Phylogenesis Aug 03 '17 at 15:16
  • After phpinfo(): [PHP Version 7.1.7], [Server API => LiteSpeed V6.11], [Loaded Configuration File => /opt/alt/php71/etc/php.ini], [Additional .ini files parsed => /opt/alt/php71/link/conf/alt_php.ini], [session.cookie_lifetime => 0], [session.gc_maxlifetime => 7200] – Edgaras Aug 03 '17 at 15:25
  • But session still down after 24 minutes – Edgaras Aug 03 '17 at 15:26

2 Answers2

0

Session variables are meant to hold information until the browser is closed. I am not quite sure what you want to achieve in your project, since you have not posted any code. Something simple like not putting session_write_close(); at the end of your php script or session_start() at the very beginning, before any html tags could be messing your code.

ravi
  • 899
  • 8
  • 31
  • I just want that the session do not destroy with no instruction for this or close the browser . And what i verify is that the session blows away after a while without instrution for this . Taking into account that I do not use cookies . I don't need any code to show my doubt . I only use session_start() in every page and a symply session vars to control if the user is logged in or not ... – Edgaras Aug 03 '17 at 15:56
0

The default timeout is 24 minutes.

Other than php.ini, you can change it in code. You could try this:

// server should keep session data for AT LEAST 1 hour
ini_set('session.gc_maxlifetime', 3600);

// each client should remember their session id for EXACTLY 1 hour
session_set_cookie_params(3600);

session_start(); // ready to go!

from this answer: How to change the session timeout in PHP?

An article on it:

https://bytes.com/topic/php/insights/889606-setting-timeout-php-sessions

which gives code that I've adapted to 2 hours.

session_start();
$timeout = 7200; // Number of seconds until it times out.

// Check if the timeout field exists.
if(isset($_SESSION['timeout'])) {
    // See if the number of seconds since the last
    // visit is larger than the timeout period.
    $duration = time() - (int)$_SESSION['timeout'];
    if($duration > $timeout) {
        // Destroy the session and restart it.
        session_destroy();
        session_start();
    }
}

// Update the timout field with the current time.
$_SESSION['timeout'] = time();

php.net page on it:

http://php.net/manual/en/function.session-set-cookie-params.php

Other stack answers verify this (some highly rated):

PHP sessions default timeout
How do I expire a PHP session after 30 minutes?

Madivad
  • 2,999
  • 7
  • 33
  • 60
  • So i must put "ini_set('session.gc_maxlifetime', 3600);" in every page where a i have session_start() ? And before the session_start() ? Like this: – Edgaras Aug 03 '17 at 15:57
  • have a read of my last link, it's good information there. Specifically, I would simply include it in your php header file. – Madivad Aug 03 '17 at 16:11