phpMyAdmin not removing PHP session properly

Question

I have noticed that every time I log in to phpMyAdmin a new session store file is created and it's never removed. Let me clarify:

I login to phpMyAdmin and I can notice that the PHP Session ID is being passed as a cookie named phpMyAdmin whose value is "44f4d5s4f4f4d5s" e.g. Also there is a file under the PHP session.save_path whose name is "sess_" followed by the same value ("44f4d5s4f4f4d5s"). This way I can tell that this session storage file is associated to the PHPMyAmdin session. Well, nothing wrong until now, PHPMyAdmin is simply using sessions. But if I close the browser, reopen and browse to PHPMyAdmin again, a new session ID is created, a new cookie with different value is sent and, of course a new sess_[ID HERE] file is created. And the old ones are not removed from disk and I think that, as they are not being used because a new session is created, they will remain there forever eating disk space!

I'm almost sure this behaviour is not desired. Maybe phpMyAdmin not calling session_destroy()?

I attach my config.inc.php, but I don't know where to start looking to know why this is happening:

<?php
/* Servers configuration */
$i = 0;

/* Server: localhost [1] */
$i++;
$cfg['Servers'][$i]['verbose'] = '';
$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['port'] = '';
$cfg['Servers'][$i]['socket'] = '';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['extension'] = 'mysqli';
$cfg['Servers'][$i]['auth_type'] = 'cookie';
$cfg['Servers'][$i]['user'] = 'root';
$cfg['Servers'][$i]['password'] = '';
$cfg['Servers'][$i]['AllowNoPassword'] = true;

/* End of servers configuration */

$cfg['blowfish_secret'] = '.......';
$cfg['DefaultLang'] = 'en';
$cfg['ServerDefault'] = 1;
$cfg['UploadDir'] = '';
$cfg['SaveDir'] = '';
?>

Thanks.

Answer 1

These session files won't remain forever there. PHP does session garbage collection, see http://php.net/manual/en/sessionhandler.gc.php.