Shulou(Shulou.com)06/03 Report--

This article mainly introduces "the analysis of php Session invalidity and the introduction of workflow and expiration time parameters of session". In the daily operation, I believe that many people have doubts about the analysis of php Session invalidity and the introduction of session workflow and expiration time parameters. The editor consulted all kinds of materials and sorted out simple and useful operation methods. I hope it will be helpful for you to answer the doubts of "php Session invalid analysis and the introduction of session workflow and expiration parameters"! Next, please follow the editor to study!

Invalid analysis of php Session

In the process of PHP development, some friends may often encounter the problem that the files generated by Session cannot be cleared automatically, in fact, it is not really impossible to clear, but there is a probability problem, as long as the number of visits to your site is large enough, those files can be cleared automatically. If you have less traffic and don't like those files, you only need to configure in php.ini to automatically clear Session files. The specific configuration is as follows:

find

Session.gc_probability = 1

Session.gc_divisor = 1000

The above two parameters are actually this probability, which is 1max 1000 by default.

Just change session.gc_divisor = 1000 to session.gc_divisor = 100s.

If you want to achieve full real-time, you can change this parameter to 1, so the probability is 100%.

See how session works.

Summary: for each php request, there is a 100% probability (default) of triggering "session Recycling". If "session recycling" occurs, the / tmp/sess_* file is checked, and if the last modification time exceeds 1440 seconds (the value of gc_maxlifetime), it is deleted, meaning that the session expires.

1. How does session exist on the server side (usually Apache with PHP module)?

By default, php saves the session in the / tmp directory, and the file name looks like this: sess_01aab840166fd1dc253e3b4a3f0b8381. Each file corresponds to a session (session).

More / tmp/sess_01aab840166fd1dc253e3b4a3f0b8381username | SRV 9: "jiangfeng"; admin | SER 1: "0"

# variable name | Type: length: value

Delete the session file here, which means that the corresponding session is invalid.

2. How does session exist on the client side (usually the browser)?

Session is on the browser side, so you only need to save the session ID (the only ID generated by the server side). There are two ways to save it: in cookie and in url. If you save session ID in cookie, you can see that there is a PHPSESID variable in the browser's cookie. If it is passed by URL, you can see something like:

URL for index.php?PHPSESID=01aab840166fd1dc253e3b4a3f0b8381. (use session.use_cookies to control which method is used on the server side)

3. On the server side, how does php determine whether the session file is out of date?

If the "last modification time" to "now" exceeds gc_maxlifetime (default is 1440) seconds, the session file is considered to have expired, and the next time session reclaims, if the file has not been changed, the session file will be deleted (session will expire).

To put it simply, if I log in to a website and do not operate within 1440 seconds (the default), then the corresponding session is considered to have expired.

So, changing the gc_maxlifetime variable in the php.ini file can extend the expiration time of session: (for example, we change the expiration time to 86400 seconds)

Session.gc_maxlifetime = 86400

Then, restart your web service (usually apache).

Note: the session expiration in php5 uses the recycling mechanism. The time set here is 86400 seconds, and if the session has not been modified within 86400 seconds, it will really be deleted the next time it is "recycled".

4. When will session "recycling" take place?

By default, there is a 100% probability of recycling for every php request, so it may be simply understood as "one for every 100 php requests." This probability is controlled by the following parameters

# probability is gc_probability/gc_divisor

Session.gc_probability = 1

Session.gc_divisor = 100

Note 1: suppose this is the case, gc_maxlifetime=120. If the last modification time of a session file is 120 seconds, then the session is still valid until the next collection (the probability of 100%).

Note 2: if your session uses session.save_path to save session,session recycling somewhere else, it may not automatically process out-of-date session files. In this case, you need to delete the expired session manually (or crontab) regularly:

Cd / path/to/sessions; find-cmin + 24 | xargs rm

5. Some special circumstances

Because the recycling mechanism checks the "last modification time" of the file, if a session is active but the contents of the session have not changed, then the corresponding session file has not changed, and the recycling mechanism will delete it as a session that has not been active for a long time. We don't want to see this, and we can solve this problem by adding the following simple code:

The code will try to modify the session every 60 seconds.

Summary: if you want to change the session expiration time, modify the variable gc_maxlifetime. The session of php5 adopts passive recycling mechanism (garbage collection). Expired session files do not disappear by themselves, but handle expired session by triggering "recycling".

Let's take a closer look at some other problems of setting session time.

Session expiration time parameter

Set the expiration time parameters, mainly set the parameters of session.gc_maxlifetime, reinsurance point setting, set the following two parameters.

Ini_set ('session.cookie_lifetime', 0); / available print_r (session_get_cookie_params ()); observe ini_set (' session.gc_maxlifetime', 3600); / / available echo ini_get ("session.gc_maxlifetime"); observe

If session_cookie_lifetime is set to 0, it means wait until browser to clear the cookie. (session and browser cookie are related.)

If you're too lazy to think about it, just use the function below.

Session expiration time program

Mode of use

Add: start_session (600) to the top of the program; / / indicates that it will expire in 600 seconds (replacing the original session_start ())

If you want to extend the expiration time, you only need to make changes.

But there is a problem to note that the session of PHP is saved as file, so / tmp may burst because of this setting (there are too many files). The usual solution is to save session in DB/memcache.

At this point, the study on "invalid analysis of php Session and introduction of workflow and expiration parameters of session" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.