NYCPHP Meetup

NYPHP.org

[nycphp-talk] Session Handling

Anirudh Zala (Gmail) arzala at gmail.com
Wed Aug 24 00:05:33 EDT 2005


----- Original Message -----
From: Michael Sims
To: NYPHP Talk
Sent: Tuesday, August 23, 2005 7:07 PM
Subject: Re: [nycphp-talk] Session Handling

On Tuesday 23 August 2005 00:39, Anirudh Zala (Gmail) wrote:

> php_value session.gc_maxlifetime 7200
>
> But interestingly, this is not working at all and session is seen as
> garbage after it's default timeout period set by php (i.e 24 mins). We
> store session files at default location (i.e under "/tmp") and it
> supports "atime" attribute as well. phpinfo() also shows local value of
> above directive as set to 7200 but session doesn't remain active for that
> amount time and is deleted after 24 hours.
>
> I have noticed on various forums that many ppl have faced this problem,
> and they do not have solution either. Does anyone have any ideas about
> this problem? Or am I missing some more configurations?

You probably have a shared hosting environment, where other websites are
being hosted on your server too, right?

I think this has even been addressed earlier in this thread, but here it is
again.  The PHP interpreter doesn't distinguish between sessions pertaining
to different sites hosted on the same server.  It treats all sessions
equally, and wipes them out after the specified time period.  So:

Situation A:
--You have session lifetime set high
--Someone else hosted on server has it set to default lifetime
Result: all sessions get wiped after 24 minutes

Situation B:
--You have session lifetime set to 1 minute
--Someone else hosted on server has it set to default lifetime
Result: all sessions get wiped after 1 minute, all other users hosted on
that server start posting to newsgroups that their sessions are only
lasting one minute and they don't know what is wrong

I think if you change the session save path to someplace not shared with
other users (but the webserver has to be able to read and write to it),
you'll be okay.

Thanks for suggestions, but this is not the case, I am experienced php
programmer and aware with all these possible situation which can this
problem. Although we are running different different websites, we have only
single httpd.conf file where everything is hosted and I have set higher
session time out value in that file only, so no other wiste is overridding
it. I have also checked whether "atime" is enabled for session directory or
not. And it is enabled. There is not even any other cron etc. script that
can empty "/tmp" folder after regualr interval. I know most of reason where
session time out may not work properly, but I have checked all of them and
none of them is causing this problem.

Sorry, I just forgot to mention these in my post, otherwise you could have
though in different directions.

Michael Sims
_______________________________________________
New York PHP Talk Mailing List
AMP Technology
Supporting Apache, MySQL and PHP
http://lists.nyphp.org/mailman/listinfo/talk
http://www.nyphp.org




More information about the talk mailing list