We developed a system that only the company's customer service staff can use--a limited number of customer service personnel. It is this limited number of customer service personnel suddenly raised the question a few days ago: we every very short period of time (half an hour do not operate the page), is anxious to solve customer problems, the system is prompted to login, delay the customer's time ... This is very unpleasant!
The customer is God, the only God. So the peak asks us to be able to realize that the session in PHP never expires, unless our customer service personnel let him expire. For security reasons I do not understand this never-expiring behavior; I really don't want to change the previous program for the sake of laziness. But there is no way, I still need to change.
Do not modify the program is the best way, because if you modify the program, the test department must be very depressed like me, then can only modify the system environment configuration, is actually very simple, open php.ini settings file, modify three lines as follows:
1, Session.use_cookies
Set this value to 1 and use a cookie to pass the SessionID
2, Session.cookie_lifetime
This represents sessionid the time that the client cookie is stored, the default is 0, which means that the browser shuts down SessionID. This is why the session of PHP cannot be used permanently! So let's set it to a number we think is big, 999999999 how, yes!
3, Session.gc_maxlifetime
This is the session data on the server side of the storage time, if more than this time, then the session data will be automatically deleted! Then we also set it to 99999999.
That's all OK, of course, if you don't believe it, just test it--set a session value after a 10-day half-month return to see if your computer is not powered down or down, you can still see this sessionid.
Of course, you may not have control of the server permissions and not as fortunate as I can modify the php.ini settings, all depend on ourselves there is a way, of course, you must use the client to store cookies, the resulting sessionid stored in the client's cookie, Set the value of this cookie and pass this value to the function session_id (), as follows:
Copy the Code code as follows:
Session_Start (); Start session
$_session[' count ']; Register Session variable Count
Isset ($PHPSESSID)? session_id ($PHPSESSID): $PHPSESSID = session_id ();
If $phpsessid is set, the SessionID is assigned to $PHPSESSID, otherwise it is generated SessionID
$_session[' count ']++; Variable count plus 1
Setcookie (' Phpsessid ', $PHPSESSID, Time () +3156000); Store SessionID into cookies
Echo $count; Displays the value of the session variable count
?>
If long after (how long?) you come back to refresh this page, the output of the number is 1 bigger than when you go that's right! If a lot bigger, it is estimated who moved your computer, this test is not accurate, hehe ... Go out for a while!
Note: The ' Phpsessid ' in the Setcookie line is not certain, and if you encounter a network administrator with a modified mania, he may have modified it, and the best way is to use the phpinfo () function to see Confirm the value of Session.name one item, compare science.
The above describes the ElcomSoft wireless security au PHP in the session will never expire the solution and sharing of methods, including the ElcomSoft wireless security au content, You want to be helpful to a friend who is interested in PHP tutorials.