I have a script that users type a report in and it stores the report in a database. The users log in and I use sessions to accomplish this. My problem is the time it takes the users to fill out the report. Some users take almost 30 minutes to fill it out, and this is something we need to allow our users to do. The users get timed out EVERY time.
I was unable to find any type of code on PHP.net that showed me how to set sessions timeout time, so I asked around and I heard that there is a way to configure "sub directories" with sessions.
My question is how to do this and is it safe, opinions please!
Session Sub Directories
Moderator: General Moderators
Session Sub Directories
Last edited by icesolid on Wed Aug 16, 2006 3:37 pm, edited 2 times in total.
- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
http://php.net/ref.session#ini.session.save-path
I don't see what having subdirectories for session would accomplish for your particular problem.
I don't see what having subdirectories for session would accomplish for your particular problem.
Is It Safe
Is using save_path safe?
- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
Re: Is It Safe
Safe... how do you define safe?icesolid wrote:Is using save_path safe?
- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
that's why I was confused as to why you wanted to know about subdirectory storage when talking of premature session expiration.icesolid wrote:If i use save_path how will that keep my users logged in longer? or for how long? is there a way of setting the time they can be logged in for?
I think the first thing to do is determine what lifespan PHP has set for the sessions, both the cookies and the session files via garbage collection. If the length they show is considerably longer than the times you're seeing kill the session, it's time to talk to the host. If they are unwilling to alter the timeframe between temporary directory cleanings, consider setting your session save_path to a directory not in the temporary paths of the server. If the host doesn't allow that, consider database sessions.
... or just cut out everything and move to database sessions.