Page 1 of 1

session problems

Posted: Tue Nov 02, 2010 11:07 pm
by yacahuma
Hello,

Need some advise on this one.

The problem. Someone is using the application, they go out for lunch, come back, continue typing, when the click save, POOF!!, session has expired, they lost all the work, save button just send them to the login page. They claim that it has not been 2 hours, Maybe 1 hour.

At the top of every page I have

Code: Select all

    ini_set('session.gc_maxlifetime', 7200); // 2 hour inactive session    
    session_start();
Could session be affected by the machine+browser+os the user uses?


In my bank application I get a cool popup that allows me to login in again if session has expired and dont loose the information. I have never done this myself, need to guidance or nice tutorial links.

Is there a SURE way of making sure a session last the amount of time indicated by gc_maxlifetime??

Thank you

Re: session problems

Posted: Wed Nov 03, 2010 1:51 am
by cpetercarter
Storing sessions in a database can give you more precise control over things like the session duration.

Alternatively, you could design a simple autosave feature which uses AJAX to save the contents of the page to the database every, say, 2 minutes. (Like gmail does when you are composing an email). This gives your users protection against expired sessions, browser crashes, accidentally closing the browser tab, extended lunch breaks, extraterrestial abduction and other bad stuff.

Re: session problems

Posted: Wed Nov 03, 2010 2:15 am
by s.dot
If you can edit your server's php.ini file, make the change there.

If you can't edit your server's php.ini file...

Try setting that value in a .htaccess file

Code: Select all

php_value session.gc_maxlifetime 7200
Doing it there will eliminate the problem that if ini_set() isn't present in one of your files where session data is stored or manipulated, the lowest value will be used (in this case, the php.ini value which is probably 1440).