Many people on the internet have answered: Modify the Session.gc_maxlifetime in the configuration file. If you want to learn more about the session recycling mechanism, read on. (This article Environment php5.2)
Overview: Each time a PHP request, a 1/100 probability (the default) triggers a "session recycle". If "Session recycling" occurs, the/tmp/sess_* file is checked, and if the last modification time is now more than 1440 seconds (the Gc_maxlifetime value), it is deleted, meaning that these sessions expire.
1. How does the session exist in the end (typically with PHP module)?
By default, PHP saves the session in the/tmp directory, and the file name looks like this: sess_01aab840166fd1dc253e3b4a3f0b8381. Each file corresponds to a session.
more/tmp/sess_01aab840166fd1dc253e3b4a3f0b8381
Username|s:9: "Jiangfeng"; admin|s:1: "0″;
#变量名 | Type: Length: Value
Delete the session file here, it means that the corresponding session is invalid.
2. How does the session exist on the client side (typically the browser)?
Session is on the browser side, you can simply save the session ID (the unique ID generated by the server side). There are two ways to save: In a cookie, in a URL. If you save the session ID in a cookie, you can see that there is a PHPSESID variable in the browser's cookie. If the URL is passed, you can see the shape:
Index.php? The URL of the phpsesid=01aab840166fd1dc253e3b4a3f0b8381. (using Session.use_cookies to control which way to use on the server side)
3. On the server side, how does PHP determine if the session file expires?
If the "Last modification Time" to "now" exceeds the Gc_maxlifetime (default is 1440) seconds, this session file is considered to be expired, and in the next session collection, if the file is still not changed, The session file will be deleted (sessions expire).
Simply put, if I log on to a website, if there is no operation within 1440 seconds (the default), then the corresponding session is considered expired.
Therefore, modifying the gc_maxlifetime variable in the php.ini file can prolong the expiration of the session: (for example, we modify the expiration time to 86,400 seconds)
Session.gc_maxlifetime = 86400
Then, restart your Web service (typically Apache).
Note: The php5 inside the session expired using the recycle mechanism. This setting has a time of 86,400 seconds, and if the session has not been modified in 86,400 seconds, then the next "recycle" is really deleted.
3. When does the session "recycle" occur?
By default, each time a PHP request, there will be 1/100 of the probability of recycling, so it may be simply understood as "every 100 times PHP request has a recycle." This probability is controlled by the following parameters
#概率是gc_probability/gc_divisor
session.gc_probability = 1
Session.gc_divisor = 100
Note 1: Assuming this situation is gc_maxlifetime=120, if a session file is last modified 120 seconds ago, the session will still be valid until the next time the recovery (1/100 probability) occurs.
NOTE 2: If your session uses Session.save_path to save the session,session recycle mechanism, it is possible that the expired session file will not be processed automatically. At this time need to manually (or crontab) to delete expired session:cd/path/to/sessions; Find-cmin +24 | Xargs RM
4. Some special circumstances
Because the recycle mechanism will check the file "last modified", so if a session is active, but the contents of the sessions have not changed, then the corresponding time file has not changed, the recycling mechanism will consider it a long time no active session and delete it. This is something we don't want to see, and we can solve this problem by adding the following simple code:
Copy Code code as follows:
<?phpif (!isset ($_session[' last_access ')) | | (Time ()-$_session[' last_access ') >60) $_session[' last_access '] = time ();? >
The code tries to modify the session every 60 seconds.
Summary: If you want to modify the session expiration time, modify the variable gc_maxlifetime. The PHP5 session uses a passive recovery mechanism (garbage collection). Expired session files do not disappear on their own, but instead handle expired sessions by triggering a "recycle".
