International PHP Conference Berlin 2023

Session Handling

add a note

User Contributed Notes 1 note

up
10
e dot mortoray at ecircle dot com
13 years ago
There is a nuance we found with session timing out although the user is still active in the session.  The problem has to do with never modifying the session variable.

The GC will clear the session data files based on their last modification time.  Thus if you never modify the session, you simply read from it, then the GC will eventually clean up.

To prevent this you need to ensure that your session is modified within the GC delete time.  You can accomplish this like below.

<?php
if( !isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 60 )
 
$_SESSION['last_access'] = time();
?>

This will update the session every 60s to ensure that the modification date is altered.
To Top