removing php session timeout

Question

I'm looking to remove the timeout on php sessions on my site. the result of:

var_dump(ini_get('session.save_path')); var_dump(ini_get('session.gc_maxlifetime')); var_dump(ini_get('session.cookie_lifetime'));

Is string(13) "/var/lib/php5" string(4) "1440" string(1) "0"

According to the forums I've seen, with session.cookie_lifetime set to 0 timeout should already be unlimited shouldn't it?

So two questions: Which values do I need to set to remove session timeout? And also... I understand I need to put code into .htaccess but where does the .htaccess need to be to take effect on php sessions?

Why are your doing this? anytime someone clears their browser cache it will reset their session as they will loose the cookie. Why do you want to remove the session timeout? — Toby Allen, Oct 21 '12 at 09:12

score 0 · Accepted Answer · edited May 23 '17 at 12:04

0

I'm not really sure about how PHP session garbage collection works, but I'm not sure that you can completely eliminate it. If you want to retain the session, put some JS on the page that periodically makes requests to keep the session fresh. If your concern is keeping people logged in for even longer than that (perhaps after browser closing) you can use your own cookie.

edited May 23 '17 at 12:04

Community

1
1

answered Oct 21 '12 at 05:18

Explosion Pills

188,624
52
326
405

the page is used to modify large database tables so I'm not wanting to completely refresh, what code would be sufficient to keep the session alive without being a nuisance to the user? – Kelly Larsen Oct 21 '12 at 05:26
@KellyLarsen you don't have to refresh that page itself, you can have some other page that does nothing but start the session and just ping that every few minutes or something. – Explosion Pills Oct 21 '12 at 05:27
just had an idea, if I call a php page that regenerates the session id every 5 mins... that would reduce session hijacking too wouldn't it? kill two birds with one stone... function KeepAlive() { setTimeout("CallServer()", 50); } function CallServer() { call regen.php } – Kelly Larsen Oct 21 '12 at 05:38
that didn't go to plan... something like this one http://answers.yahoo.com/question/index?qid=20060828142142AAxwqZZ – Kelly Larsen Oct 21 '12 at 05:40
you could also do it with an iframe that includes an html file with a meta refresh. If you're using jQuery, their ajax handling is a lot easier. – Explosion Pills Oct 21 '12 at 05:41

removing php session timeout

1 Answers1