9

What we use to set the session time out in php. I found following:

ini_set(session.cookie_lifetime, 3600);
ini_set(session.gc_maxlifetime, 3600);

Is it right way to set timeout for session in php? Or is there any way we can set the time out in htaccess file?

Maybe its a simple question, but I am not really able to get the answer, even tried on SO, Google and php.net but no straight solutions or code for this.

hakre
  • 193,403
  • 52
  • 435
  • 836
djmzfKnm
  • 26,679
  • 70
  • 166
  • 227
  • If I'll add this to top of the page then will it set the session timeout every time? – djmzfKnm Mar 05 '11 at 19:10
  • 3
    Note that these do not really control a session’s lifetime (see *[How do I expire a PHP session after 30 minutes?](http://stackoverflow.com/questions/520237/how-do-i-expire-a-php-session-after-30-minutes/1270960#1270960)*). – Gumbo Mar 19 '11 at 12:59
  • I found that in php 5.2 that the above didnt work unless I added quotes around the values... ie... ini_set('session.cookie_lifetime', '3600'); ini_set('session.gc_maxlifetime', '3600'); – AdamJones Mar 12 '13 at 12:22

2 Answers2

22

I have resolved this issue by adding following code in my .htaccess file.

<IfModule mod_php5.c>
    #Session timeout
    php_value session.cookie_lifetime 1200
    php_value session.gc_maxlifetime 1200
</IfModule>

Thanks!

djmzfKnm
  • 26,679
  • 70
  • 166
  • 227
1

You can set the lifetime value to 0

session.cookie_lifetime 1200

session.cookie_lifetime specifies the lifetime of the cookie in seconds which is sent to the browser.

The value 0 means "until the browser is closed."

session.gc_maxlifetime 1440

session.gc_maxlifetime specifies the number of seconds after which data will be seen as "garbage" and potentially cleaned up. Garbage collection may occur during session start

Community
  • 1
  • 1
Hamid
  • 1,493
  • 2
  • 18
  • 32