PHP How to set a strict control of the expiration time of the session detailed

This article mainly introduced PHP to set a strict control expiration time of the session method, has a good reference value. Let's take a look at the little series.

1.php Session Expiration Date

PHP Session validity is 1440 seconds (24 minutes) by default, if the client does not refresh for more than 24 minutes, the current session will be recycled and invalidated.

When the user closes the browser, the session ends and the sessions expire.

You can modify the php.ini session.gc_maxlifetime to set the session life cycle, but it is not guaranteed that the session information will be deleted immediately after this time. Because the GC is started by chance, it may not be started for a long time. So a lot of sessions are still valid after session.gc_maxlifetime.

2.session.gc_maxlifetime,session.gc_probability,session.gc_pisor description

Session.gc_maxlifetime = 30 indicates that when the session file has not been accessed in the second, it is considered an expired session, waiting for GC to be reclaimed.

The probability of a GC process call is calculated by session.gc_probability/session.gc_pisor , while session.gc_pisor defaults to 1000.

If session.gc_probability = 1000, the GC process is called every time the Session_Start () is executed, and the recycle is performed.

Raising the odds of Session.gc_probability/session.gc_pisor can help, but it can have a serious impact on performance.

3. Strict control of the session expiration method

1. Use Memcache/redis to save the session, set the expiration time, because the Memcache/redis recovery mechanism is not based on the probability, you can ensure that the session expires after the expiration.

2. Only use PHP implementation, create a session class, when the session is written, the expiration time is also written. When read, determines whether it has expired based on the expiration time.

<?php/** * Session Control class */class session{  /**   * Set Session   * @param String $name  Session name   * @ Param Mixed $data  session Data   * @param Int  $expire Time Out (seconds)   *  /public static function set ($name, $ Data, $expire =600) {    $session _data = Array ();    $session _data[' data ' = $data;    $session _data[' expire ') = time () + $expire;    $_session[$name] = $session _data;  }  /**   * Read session   * @param String $name Session name   * @return Mixed */public  static function get ($name) {    if (isset ($_session[$name])) {      if ($_session[$name] [' Expire ']>time ()) {        return $_session[$name] [' Data '];      } else{        self::clear ($name);      }    }    return false;  }  /**   * Clear Session   * @param String $name Session name   *  /private static function Clear ($name) {    Unset ($_session[$name]);}  ? >

Demo

<?phpsession_start (); $data = ' 123456 '; Session::set (' Test ', $data, ten); Echo session::get (' Test '); Not expired, output sleep (+), echo session::get (' Test '); Expired?>

Related recommendations:

PHP Session Timeout Strict control Instance _php tutorial

PHP strictly controls the expiration time of the session _php tutorial

PHP Strict control session Expiration Time _php Tutorial _ Programming Technology