4

I have some issues concerning the timeout of a php session. I have set the following values during runtime of the application:

session.gc_maxlifetime = 3600
session.cookie_lifetime = 3600
session.save_path = myApplicationPath/tmp
session.use_cookies = 1
session.use_only_cookies = 1

However, my session keeps expiring in about 30 mins. Also, my tmp directory remains empty, so it appears no cookies are actually being set. echoing ini_get("session.save_path") does return the right path though.

Improve this question
3
  • 1
    Just to check: Ensure you're setting the ini values before you're calling session_start. Additionally compare with the output of phpinfo() you can place into a test-file. Commented Aug 1, 2011 at 17:08
  • values are indeed set before session_start. phpinfo states: local value var/www/myproject/tmp master value /etc/lib/php5. The session files are still written to the master value. Commented Aug 2, 2011 at 8:33
  • Found it! Using Zend_Session you don't get notices about a session started elsewhere. When I stopped using Zend_Session I got the notice. Putting my code way up in the bootstrap solved the problem. Commented Aug 2, 2011 at 8:52

2 Answers 2

Reset to default
2

Note:

If different scripts have different values of session.gc_maxlifetime but share the same place for storing the session data then the script with the minimum value will be cleaning the data. In this case, use this directive together with session.save_path.

PHP Manual

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

The OP has rather described the opposite behavior: The sessions do not expire until 30 minutes although session.gc_maxlifetime states 6 minutes.
AFAIU session.gc_maxlifetime is 1 hour and sessions die before they should do
Oh wow, sorry, it’s my fault. Don’t know how I ever could misinterpret 3600 seconds as 6 instead of 60 minutes. ;)
1

I'd say that PHP cannot find your save_path or does not have permission to write on that, so it stores session files (not cookies) in the default shared directory (so the site with shortest gc_maxlifetime will remove sessions from all other sites).

Improve this answer

3 Comments

That would be my own guess as well. Output of save_path gives me the correct path however, and the directory has 777 permissions.
session files are indeed written to the default dir. What am I missing here?
session.save_path = myApplicationPath/tmp: Does your real path actually not start with slash?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.