Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

The setting of session expiration time and the steps of session recovery mechanism in php

2025-01-31 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >

Share

Shulou(Shulou.com)06/03 Report--

This article mainly introduces "session expiration time setting and session recovery mechanism method steps in php". In daily operation, I believe many people have doubts about session expiration time setting and session recovery mechanism method steps in php. Xiaobian consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful to answer the doubts about "session expiration time setting and session recovery mechanism steps in php". Next, please follow the editor to study!

Summary: for each php request, there is a 100% probability (default) of triggering "session Recycling". If "session recycling" occurs, the / tmp/sess_* file is checked, and if the last modification time exceeds 1440 seconds (the value of gc_maxlifetime), it is deleted, meaning that the session expires.

1. How does session exist on the end (usually with PHP module)?

By default, php saves the session in the / tmp directory, and the file name looks like this: sess_01aab840166fd1dc253e3b4a3f0b8381. Each file corresponds to a session (session).

More / tmp/sess_01aab840166fd1dc253e3b4a3f0b8381

Username | SRV 9: "jiangfeng"; admin | Svv 1: "0"

# variable name | Type: length: value

Delete the session file here, which means that the corresponding session is invalid.

2. How does session exist on the client side (usually the browser)?

Session is on the browser side, so you only need to save the session ID (the only ID generated by the server side). There are two ways to save it: in cookie and in url. If you save session ID in cookie, you can see that there is a PHPSESID variable in the browser's cookie. If it is passed by URL, you can see something like:

URL for index.php?PHPSESID=01aab840166fd1dc253e3b4a3f0b8381. (use session.use_cookies to control which method is used on the server side)

3. On the server side, how does php determine whether the session file is out of date?

If the "last modification time" to "now" exceeds gc_maxlifetime (default is 1440) seconds, the session file is considered to have expired, and the next time session reclaims, if the file has not been changed, the session file will be deleted (session will expire).

To put it simply, if I log in to a website and do not operate within 1440 seconds (the default), then the corresponding session is considered to have expired.

So, changing the gc_maxlifetime variable in the php.ini file can extend the expiration time of session: (for example, we change the expiration time to 86400 seconds)

Session.gc_maxlifetime = 86400

Then, restart your web service (usually apache).

Note: the session expiration in php5 uses the recycling mechanism. The time set here is 86400 seconds, and if the session has not been modified within 86400 seconds, it will really be deleted the next time it is "recycled".

3. When will session "recycling" take place?

By default, there is a 100% probability of recycling for every php request, so it may be simply understood as "one for every 100 php requests." This probability is controlled by the following parameters

# probability is gc_probability/gc_divisor

Session.gc_probability = 1

Session.gc_divisor = 100

Note 1: suppose this is the case, gc_maxlifetime=120. If the last modification time of a session file is 120 seconds, then the session is still valid until the next collection (the probability of 100%).

Note 2: if your session uses session.save_path to save session,session recycling somewhere else, it may not automatically process out-of-date session files. In this case, you need to delete expired session:cd / path/to/sessions; find-cmin + 24 manually (or crontab) regularly. | xargs rm

4. Some special circumstances

Because the recycling mechanism checks the "last modification time" of the file, if a session is active but the contents of the session have not changed, then the corresponding session file has not changed, and the recycling mechanism will delete it as a session that has not been active for a long time. We don't want to see this, and we can solve this problem by adding the following simple code:

The copy code is as follows:

The code will try to modify the session every 60 seconds.

Summary: if you want to change the session expiration time, modify the variable gc_maxlifetime. The session of php5 adopts passive recycling mechanism (garbage collection). Expired session files do not disappear by themselves, but handle expired session by triggering "recycling".

At this point, the study on the "session expiration time setting and session recovery mechanism and method steps in php" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 214

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Development

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report