|
This article introduces the method of setting session expiration in PHP. The introduction is more detailed. Friends in need can refer to it.
To set session expiration in php, the easiest way is to modify session.gc_maxlifetime in the php configuration file. Overview: Every PHP request has a 1/100 probability (default value) of triggering "session recycling". If "session recycling" occurs, the /tmp/sess_* files will be checked. If the last modification time exceeds 1440 seconds (the value of gc_maxlifetime), they will be deleted, which means that these sessions have expired. 1. How does session exist on the server side (usually Apache with PHP module)? By default, PHP will save the session in the /tmp directory, and the file name will be like this: sess_01aab840166fd1dc253e3b4a3f0b8381. Each file corresponds to a session. more /tmp/sess_01aab840166fd1dc253e3b4a3f0b8381 username|s:9:”jiangfeng”;admin|s:1:”0″; #Variable name | type: length: value Deleting the session file here means that the corresponding session is invalid. 2. How does session exist on the client side (usually the browser)? The session is on the browser side, and you only need to save the session ID (the unique ID generated by the server side). There are two ways to save it: in cookies and in URLs. If the session ID is saved in the cookie, you can see that there is a PHPSESID variable in the browser's cookie. If it is passed by URL, you can see something like this: The URL of index.php?PHPSESID=01aab840166fd1dc253e3b4a3f0b8381. (Use session.use_cookies on the server side to control which method is used) 3. On the server side, how does PHP determine whether the session file has expired? If the "last modification time" to "now" exceeds gc_maxlifetime (default is 1440) seconds, the session file is considered expired. During the next session recycling, if the file has not been changed, the session file will be deleted (session will expire). If you log in to a website and there is no operation within 1440 seconds (default value), the corresponding session will be considered expired. Therefore, modifying the gc_maxlifetime variable in the php.ini file can extend the session expiration time: (for example, modify the expiration time to 86400 seconds) session.gc_maxlifetime = 86400 Then, restart the apache server. Notice: PHP5 uses a recycling mechanism when session expires. The time set here is 86400 seconds. If the session has not been modified within 86400 seconds, it will not be deleted until the next "recycling". 3. When does session "recycling" occur? By default, for every PHP request, there will be a 1/100 probability of recycling, so it may be simply understood as "one recycling occurs for every 100 PHP requests." This probability is controlled by the following parameters: #The probability is gc_probability/gc_divisor session.gc_probability = 1 session.gc_divisor = 100 Note: 1. Assume that in this case gc_maxlifetime=120, if a session file was last modified 120 seconds ago, then the session will still be valid before the next recycling (1/100 probability) occurs. 2. If your session uses session.save_path to save the session elsewhere, the session recycling mechanism may not automatically process expired session files. At this time, you need to delete expired sessions manually (or crontab) regularly: cd /path/to/sessions; find -cmin +24 | xargs rm 4, special circumstances Since the recycling mechanism will check the "last modification time" of the file, if a session is active but the content of the session has not changed, then the corresponding session file has not changed, and the recycling mechanism will consider this to be a long time. There is no active session and it is deleted. Can be solved by the following code: <?php if(!isset($_SESSION['last_access'])||(time()-$_SESSION['last_access'])>60) $_SESSION['last_access'] = time(); ?> Copy after login The code will try to modify the session every 60 seconds. Summary: If you want to modify the session expiration time, just modify the variable gc_maxlifetime. PHP5's session uses a passive recycling mechanism (garbage collection). Expired session files will not disappear by themselves, but expired sessions will be processed by triggering "recycling". Let’s introduce these, I hope it will be helpful to everyone. |
How to light up Douyin close friends moment
Advantages of downloading the official website of Yiou Exchange App
How to enter the d drive with cmd
What should I do if my QQ account is stolen?
Migrate data from Android phone to Apple phone
sort function python usage
Introduction to the main work content of front-end engineers
Photo display time
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
