Home » » PHP Sessions - setcookie

PHP Sessions - setcookie

06:56
mplement a session timeout of your own.
 Both options mentioned by others session.gc_maxlifetime
 and session.cookie_lifetime are not reliable.

session.gc_maxlifetime
session.gc_maxlifetime specifies the number
of seconds after which data will be seen as
 'garbage' and cleaned up. Garbage collection
 occurs during session start.

But the garbage collector is only started with
a probability of session.gc_probability divided
 by session.gc_divisor. And using the default
values for those options 1 and 100 respectively,
the chance is only at 1%.

Well, you could simply adjust these values
 so that the garbage collector is started
more often. But when the garbage collector
is started, it will check the validity for
every registered session. And that is cost-intensive.

Furthermore, when using PHP's default
session.save_handler files, the session data
 is stored in files in a path specified in
session.save_path. With that session handler,
 the age of the session data is calculated on
 the file's last modification date and not the
last access date

if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 1800)) {
    // last request was more than 30 minutes ago
    session_unset();     // unset $_SESSION variable for the run-time 
    session_destroy();   // destroy session data in storage
}
$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp
 
Updating the session data with every request also 
changes the session file's modification date so that the session
 is not removed by the garbage collector prematurely.
Categories: 
Related Posts:
  • PHP Date / Time Functions checkdate — Validate a Gregorian date date_add — Alias of DateTime::add date_create_from_format — Alias of DateTime::createFromFormat date_create — Alias of DateTime::__construct date_date_set — Alias of DateTime::setDate … Read More
  • PHP HTTP Functions ob_deflatehandler — Deflate output handler ob_etaghandler — ETag output handler ob_inflatehandler — Inflate output handler http_parse_cookie — Parse HTTP cookie http_parse_headers — Parse HTTP headers http_parse_message — P… Read More
  • PHP Array Functions array_change_key_case — Changes all keys in an array array_chunk — Split an array into chunks array_combine — Creates an array by using one array for keys and another for its values array_count_values — Counts all the value… Read More
  • CREATING THE DATABASE To create a database, connect to MySQL and run the CREATE DATABASE command. This is theMySQL command to create a database called mydatabase: CREATE DATABASE ’mydatabase’; <?phpdefine(“MYSQLUSER”, “root”);define(“MYSQLP… Read More
  • Including and Requiring PHP Files To make your code more readable, you can place your functions in a separate file. Many PHP add-ons that you download off the Internet contain functions already placed into files that you simply include in your PHP program… Read More
  • PHP MySQL Functions mysql_field_len — Returns the length of the specified field mysql_field_name — Get the name of the specified field in a result mysql_field_seek — Set result pointer to a specified field offset mysql_field_table — Get … Read More
  • PHP Configuration Directives Although the focus of this book is application security, there are a few configuration directives with which any security-conscious developer should be familiar. The configuration of PHP can affect the behavior of the cod… Read More
  • PHP Zip File Functions zip_close — Close a ZIP file archive zip_entry_close — Close a directory entry zip_entry_compressedsize — Retrieve the compressed size of a directory entry zip_entry_compressionmethod — Retrieve the compression meth… Read More
  • Cleaning Strings Often, the strings we get from files or users need to be cleaned up before we can use them. Two common problems with raw data are the presence of extraneous whitespace, and incorrect capitalization (uppercase versus lowercas… Read More
  • Defining Functions There are already many functions built into PHP. However, you can define your own and organize your code into functions. To define your own functions, start out with the function statement: function some_function([argumen… Read More
  • Length of a String The length property of a string is determined with the strlen( ) function, which returns the number of eight-bit characters in the subject string: integer strlen(string subject) We used strlen( ) earlier in the chapter t… Read More
  • PHP Variable names Variable names always begin with a dollar sign ($) and are case-sensitive. Here aresome valid variable names:$pill$ad_count$dForce$I_kk_PHP$_underscore$_intHere are some illegal variable names:$not valid$|$3ka  These va… Read More
  • Creating Arrays PHP provides the array( ) language construct that creates arrays. The following examples show how arrays of integers and strings can be constructed and assigned to variables for later use: $numbers = array(5, 4, 3, 2, 1);… Read More
  • PHP - Echo <?php $myiString = "Hi!"; echo $myiString; echo "<h5>I love PHP!</h5>"; ?>   Display: Hi! I love  PHP!  A simple form example     1 <html> 2 <head> 3 <title&g… Read More
  • Substrings PHP If you know where in a larger string the interesting data lies, you can copy it out with the substr( ) function: $piece = substr(string, start [, length ]); The start argument is the position in string at which to begin copy… Read More