PHP 会话超时太快
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/3476538/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
PHP sessions timing out too quickly
提问by jefffan24
I'm using php Sessions on my website and it seems like they are "disappearing" at random intervals. I don't know if they are timing out due to inactivity or if something is wrong with my code, but is there some way to control the sessions of when they expire?
我在我的网站上使用 php Sessions,它们似乎是随机“消失”的。我不知道它们是否由于不活动而超时,或者我的代码是否有问题,但是有什么方法可以控制它们何时过期?
Like can I put something in my code or change something in the php.ini file?
就像我可以在我的代码中添加一些东西或在 php.ini 文件中更改一些东西吗?
Update-So just and update here, I switched hosts and magically the sessions started working. I have no clue what was wrong but apparently they did not want to work correctly.
更新 -所以只是在这里更新,我切换了主机,会话开始工作。我不知道出了什么问题,但显然他们不想正常工作。
回答by álvaro González
Random expiration is a classical symptom of session data directory shared by several applications: the one with the shortest session.gc_maxlifetimetime is likely to remove data from other applications. The reason:
随机过期是多个应用程序共享会话数据目录的典型症状:session.gc_maxlifetime时间最短的应用程序可能会从其他应用程序中删除数据。原因:
- PHP stores session files in the system temporary directory by default.
The builtin file handler doesn't track who owns what session file (it just matches file name with session ID):
- PHP 默认将会话文件存储在系统临时目录中。
内置文件处理程序不跟踪谁拥有什么会话文件(它只是将文件名与会话 ID 匹配):
My advice is that you configure a private custom session directory for your application. That can be done with the session_save_path()functionor setting the session.save_pathconfiguration directive. Please check your framework's documentation for the precise details on how to do it in your own codebase.
我的建议是为应用程序配置一个私有的自定义会话目录。这可以通过session_save_path()函数或设置session.save_path配置指令来完成。请查看您的框架文档以获取有关如何在您自己的代码库中执行此操作的准确详细信息。
回答by Docunext
Debian uses a cron job to automatically expire sessions in a secure manner. If you are using Debian, look at /etc/cron.d/php5.
Debian 使用 cron 作业以安全的方式自动使会话过期。如果您使用的是 Debian,请查看 /etc/cron.d/php5。
回答by Rubyist
You can use it technique to make compatible your application according to you. You have to make few changes according to your system
您可以使用它的技术根据您的要求使您的应用程序兼容。您必须根据您的系统进行一些更改
// Get the current Session Timeout Value
$currentTimeoutInSecs = ini_get('session.gc_maxlifetime');
Change the Session Timeout Value
更改会话超时值
// Change the session timeout value to 30 minutes // 8*60*60 = 8 hours
ini_set('session.gc_maxlifetime', 30*60);
//————————————————————————————–
// php.ini setting required for session timeout.
ini_set(‘session.gc_maxlifetime',30);
ini_set(‘session.gc_probability',1);
ini_set(‘session.gc_divisor',1);
//if you want to change the session.cookie_lifetime.
//This required in some common file because to get the session values in whole application we need to write session_start(); to each file then only will get $_SESSION global variable values.
$sessionCookieExpireTime=8*60*60;
session_set_cookie_params($sessionCookieExpireTime);
session_start();
// Reset the expiration time upon page load //session_name() is default name of session PHPSESSID
if (isset($_COOKIE[session_name()]))
setcookie(session_name(), $_COOKIE[session_name()], time() + $sessionCookieExpireTime, “/”);
//————————————————————————————–
//To get the session cookie set param values.
$CookieInfo = session_get_cookie_params();
echo “<pre>”;
echo “Session information session_get_cookie_params function :: <br />”;
print_r($CookieInfo);
echo “</pre>”;
回答by Alex Pliutau
Try to use this part of code:
尝试使用这部分代码:
session_start();
$inactive = 600;
$session_life = time() - $_SESSION['timeout'];
if($session_life > $inactive) {
session_destroy();
header("Location: logoutpage.php");
}
$_SESSION['timeout']=time();
