PHP Session has no effect because of what

Session in the development of a very important data storage variables, it can achieve different pages of the value of the transfer, the following we have to introduce you in the use of the session to encounter the expiration of the invalid some of the problems, the need for friends can refer to the next

PHP Session Invalidation Analysis

PHP development process, there may be friends often encounter the session generated by the file can not be automatically cleared, in fact, not really can not clear, but there is a probability problem, as long as your site access volume is large enough, those files can be automatically erased. If the number of visits is less, and look at those files are not pleasing to the eye, as long as the configuration in the php.ini can realize the session file automatic removal function, the specific configuration is as follows:

Found it

session.gc_probability = 1
Session.gc_pisor = 1000

The above two parameters are actually this probability, by default is 1/1000

Change session.gc_pisor = 1000 to Session.gc_pisor = 100

If you want to achieve full real-time, then you can change this parameter to 1, so the probability is 100%.

See how the session works.

Overview: Every PHP request, a 1/100 probability (default) triggers a "session recycle". If "Session recycling" occurs, then the/tmp/sess_* file is checked, and if the last modification time is now more than 1440 seconds (gc_maxlifetime value), it is deleted, which means that the session expires.

1. How does the session exist on the server side (typically Apache with PHP module)?

By default, PHP will save the session in the/tmp directory, the file name looks like this: sess_01aab840166fd1dc253e3b4a3f0b8381. Each of the files corresponds to a session.

More/tmp/sess_01aab840166fd1dc253e3b4a3f0b8381username|s:9: "Jiangfeng"; admin|s:1: "0〃;

#变量名 | Type: Length: Value

Delete the session file here, it means that the corresponding session is invalid.

2. How does the session exist on the client side (typically a browser)?

Session on the browser side, only need to save the session ID (generated by the server side of the unique ID). There are two ways to save: In a cookie, in a URL. If you save the session ID in a cookie, you can see a phpsesid variable in the browser's cookie. If the URL is passed, you can see the shape as follows:
Index.php? The URL of the phpsesid=01aab840166fd1dc253e3b4a3f0b8381. (Use Session.use_cookies to control which method is used on the server side)

3. On the server side, how does PHP determine if the session file expires?

If the "Last modified time" to "now" exceeds Gc_maxlifetime (default is 1440) seconds, the session file is considered to be out of date, the next time the session is recycled, if the file is still not changed, The session file will be deleted (the session will expire).
To put it simply, if I log in to a Web site, if there is no action within 1440 seconds (the default), then the corresponding session is considered to be out of date.
Therefore, modifying the gc_maxlifetime variable in the php.ini file can prolong the session Expiration time: (for example, we change the expiration time to 86,400 seconds)

Session.gc_maxlifetime = 86400

Then, restart your Web service (typically Apache).
Note: The PHP5 inside session expires using the recycle mechanism. This setting time is 86,400 seconds, if the session has not been modified in 86,400 seconds, then the next "recycling" is really deleted.

4. When does the session "recycle" occur?

By default, every PHP request will have a 1/100 probability of recycling, so it might simply be understood as "one recovery per 100 PHP requests". This probability is controlled by the following parameters
#概率是gc_probability/gc_pisor

session.gc_probability = 1
Session.gc_pisor = 100

Note 1: Assuming this situation is gc_maxlifetime=120, if the last modification time of a session file is 120 seconds ago, the session will still be valid until the next recovery (1/100 probability) occurs.
NOTE 2: If your session uses Session.save_path to save the session,session recycle mechanism, it is possible that the expired session file will not be processed automatically. You will need to periodically delete the expired session manually (or crontab):

Cd/path/to/sessions; Find-cmin +24 | Xargs RM

5. Some special cases

Because the recycle mechanism will check the file's "Last Modified time", so if a session is active, but the content of session has not changed, then the corresponding session file has not changed, the recycling mechanism will consider this is a long time inactive session and delete it. This is something we don't want to see, and can be solved by adding the following simple code:

<?php if (!isset ($_session[' last_access ')) | | (Time ()-$_session[' last_access ') >60)  $_session[' last_access '] = time ();?>

The code will attempt to modify the session every 60 seconds.
Summary: If you want to modify the session expiration time, modify the variable gc_maxlifetime on it. The PHP5 session uses a passive recovery mechanism (garbage collection). The expired session file does not disappear by itself, but instead causes the expired session to be processed by triggering "recycle".

Let's take a look at some of the other setup session time issues below

Session Expiration Time parameter

Set the expiration time parameters, mainly set the parameters of the Session.gc_maxlifetime, and then the set of insurance, set the following two parameters.

Ini_set (' Session.cookie_lifetime ', 0); Available Print_r (Session_get_cookie_params ()); Observe Ini_set (' Session.gc_maxlifetime ', 3600); Available with Echo ini_get ("Session.gc_maxlifetime"); Observation

Session_cookie_lifetime is set to 0, the representative waits until browser to clear the cookie. (Session and browser cookies are relevant)

If you're too lazy to think about it, just use the function below.

Session Expiration Time Program

<?phpfunction start_session ($expire = 0) {  if ($expire = = 0) {    $expire = ini_get (' session.gc_maxlifetime '); c3/>} else {    ini_set (' Session.gc_maxlifetime ', $expire);  }  if (Empty ($_cookie[' Phpsessid ')) {    session_set_cookie_params ($expire);    Session_Start ();  } else {    session_start ();    Setcookie (' Phpsessid ', session_id (), time () + $expire);}  }? >

How to use

Added at the top of the program: Start_session (600); Representative expires in 600 seconds (replaces the original session_start ())
If you want to extend the expiration time again, just make the changes again.

However, there is a problem to note that the PHP session preset is stored as file, so/tmp may be caused by this setting to explode (too many files), usually the solution is to put the session into the Db/memcache.