CODEWITHSUNDEEP
php
jela
jela

Reputation: 1469

why is my PHP session expiring prematurely?

According to Chrome, my site's PHPSESSID cookie expiration is set to

Expires:    Monday, November 26, 2012 2:46:39 PM

But the session expires after only a few hours. I am calling session_start() on each page. Reading solutions offered for similar questions, I tried setting

ini_set("session.cache_expire",300*24*60*60);

and

ini_set("session.gc_maxlifetime",100*24*60*60);

prior to session_start() but this did not solve the problem. (Their initial values are set to 180 and 1440 respectively.)

I'm on a shared server, and another suggestion was to change the default tmp directory so it's not root (where some garbage collection process might be deleting the cookies), so I did this with

$docroot = $_SERVER['DOCUMENT_ROOT'];
$tmpdir = "$docroot/tmpx";
session_save_path($tmpdir);

This does not solve the problem. (I also have the same problem in other browsers, not just Chrome.) What else might I be doing wrong?

UPDATE: I saved the file for my current session locally, then tried logging in a few hours later. While the PHPSESSID cookie in Chrome (ie, the cookie whose content is this session file's name) remains stored with a date 100 days in the future as expected, the actual session file on the server now contains no data. (It exists but it is 0 bytes instead of 192 bytes as previously.) So it looks like the session file is not getting deleted, but the contents are getting erased.

Upvotes: 3

Views: 3169

Answers (2)

alecwhardy
alecwhardy

Reputation: 2718

There are many possible reasons why session data is not being correctly handled. Most likely, the session is not being started on EVERY page that is loaded and uses the data. To fix this, make sure that session_start() is started on every single page that is called or redirected to. Also, if you make any changes to the session configuration (ex, ini_set()), make sure that that is applied either globally or on each any every page. To apply it globally, add 

php_flag session.gc_maxlifetime <your value>
php_flag session.cache_expire <your value>

to your .htaccess file. Alternatively, you can add

ini_set("session.gc_maxlifetime", <value>);
ini_set("session.cache_expire", <value>);

directly before session_start() on every page that calls session_start().

Upvotes: 4

Ross Smith II
Ross Smith II

Reputation: 12179

Add this before session_start():

ini_set('session.use_cookies', 1);
ini_set('session.cookie_lifetime', 300*24*60*60);

File-based sessions may be broken on your system, for any number of reasons. Try using database-based sessions and see if that fixes things.

Upvotes: -1

Related Questions