Page 1 of 1
Session Sub Directories
Posted: Wed Aug 16, 2006 3:33 pm
by icesolid
I have a script that users type a report in and it stores the report in a database. The users log in and I use sessions to accomplish this. My problem is the time it takes the users to fill out the report. Some users take almost 30 minutes to fill it out, and this is something we need to allow our users to do. The users get timed out EVERY time.
I was unable to find any type of code on PHP.net that showed me how to set sessions timeout time, so I asked around and I heard that there is a way to configure "sub directories" with sessions.
My question is how to do this and is it safe, opinions please!
Posted: Wed Aug 16, 2006 3:36 pm
by Luke
what exactly is the problem? it's timing out?
Yes
Posted: Wed Aug 16, 2006 3:36 pm
by icesolid
Yes it is.
Posted: Wed Aug 16, 2006 3:38 pm
by feyd
http://php.net/ref.session#ini.session.save-path
I don't see what having subdirectories for session would accomplish for your particular problem.
Is It Safe
Posted: Wed Aug 16, 2006 3:40 pm
by icesolid
Is using save_path safe?
Re: Is It Safe
Posted: Wed Aug 16, 2006 3:42 pm
by feyd
icesolid wrote:Is using save_path safe?
Safe... how do you define safe?
Posted: Wed Aug 16, 2006 3:45 pm
by icesolid
If i use save_path how will that keep my users logged in longer? or for how long? is there a way of setting the time they can be logged in for?
Posted: Wed Aug 16, 2006 3:49 pm
by Luke
Posted: Wed Aug 16, 2006 4:09 pm
by feyd
icesolid wrote:If i use save_path how will that keep my users logged in longer? or for how long? is there a way of setting the time they can be logged in for?
that's why I was confused as to why you wanted to know about subdirectory storage when talking of premature session expiration.
I think the first thing to do is determine what lifespan PHP has set for the sessions, both the cookies and the session files via garbage collection. If the length they show is considerably longer than the times you're seeing kill the session, it's time to talk to the host. If they are unwilling to alter the timeframe between temporary directory cleanings, consider setting your session save_path to a directory not in the temporary paths of the server. If the host doesn't allow that, consider database sessions.
... or just cut out everything and move to database sessions.
