Page 1 of 1

Session lifetime and registered variable

Posted: Fri Jan 17, 2003 2:12 am
by desmondlk
Dear all,

I am currently using PHP version 4.0.4
the following is my session code.

Code: Select all

<?php
//session.php

session_start();

session_register("user");
$HTTP_SESSION_VARS["user"] = "admin";

[HTML]
To continue, <A HREF="Test.php">click here</A>
[/HTML]

?>

Code: Select all

<?php
//Test.php

session_start();

echo $HTTP_SESSION_VARS["user"];

if (!isset($HTTP_SESSION_VARS["user"])) {
   echo "not registered.";
}
else {
   echo "registered.";
}

?>
When I execute the file, it display nothing for

Code: Select all

<?php
echo $HTTP_SESSION_VARS["user"];
?>
and display not registered for

Code: Select all

<?php
if (!isset($HTTP_SESSION_VARS["user"])) {
   echo "not registered.";
}
else {
   echo "registered.";
}

?>
Besides that, how can set the session lifetime or expire duration?
I had try to configure the session section in php.ini at
session.cookie_lifetime = 60. However, it still works.

Someone please help. Thank in advance.

Posted: Fri Jan 17, 2003 2:25 am
by twigletmac
Try the following:

Code: Select all

<?php
//session.php
session_start(); 

$user = 'admin';
session_register('user'); 
?>

<html>
<body>
To continue, <a href="Test.php">click here</a> 
</body>
</html>

Code: Select all

<?php 
//Test.php 

session_start(); 

echo $user; 

if (session_is_registered('user')) { 
   echo 'not registered.'; 
} else { 
   echo 'registered.'; 
} 

?>
Mac

Posted: Fri Jan 17, 2003 2:31 am
by volka
does this work or output any error?

Code: Select all

<?php
// some settings for the duration of that script
ini_set('display_errors', TRUE); // ; Print out errors (as a part of the output).
ini_set('error_reporting', E_ALL); //  ; E_ALL  - All errors and warnings
ini_set('session.cookie_lifetime', '0'); // ; Lifetime in seconds of cookie or, if 0, until browser is restarted.
session_start();
?>
<html><body><?php
if (isset($HTTP_SESSION_VARS['num']))
	++$HTTP_SESSION_VARS['num'];
else
	$HTTP_SESSION_VARS['num']=0;
echo '$HTTP_SESSION_VARS[num]=', $HTTP_SESSION_VARS['num'];
?>
<form>
	<input type="submit" value="reload" />
</form></body></html>
edit: twigletmac, you're too fast :D
edit2: ini_set('display_errors', 'On'); doesn't work :oops: but TRUE does

Posted: Fri Jan 17, 2003 3:54 am
by desmondlk
>>Thanks twigletmac and volka,

>>About the lifetime of the session, if I set to 60 seconds, the session still 'alive'
>>and I can proceed the next page with the same session id.

>>Can I set the seesion expire, delete it and not allow user to proceed to
>>next page as well?

>>Besides that. if I use session_destroy() when user log out, it delete the session id.

>>Please help. Thank you.

Posted: Fri Jan 17, 2003 4:19 am
by volka
unsure wether I unstand the question. Maybe you're interested in http://www.php.net/manual/en/ref.sessio ... robability and http://www.php.net/manual/en/ref.sessio ... axlifetime

http://www.zend.com/zend/tut/session.php explains session handling in more detail.

Posted: Mon Jan 20, 2003 3:43 am
by desmondlk
Dear All,

If I set the
session.gc_probability = 100 and
session.gc_maxlifetime = 60

Do this mean that the session file will be deleted
from server temporary folder
(session.save_path = D:\Apache\htdocs\tmp)
after 60 seconds?

Coz after I set the php.ini and execute, the related
session file still remain in the folder.

May I know what is the problem?

Instead of calling session_destroy() explicitly,
may I know what to do in order to destroy the session file
automatically?

Posted: Mon Jan 20, 2003 3:46 am
by volka
session.gc_probability specifies the probability that the gc (garbage collection) routine is started on each request in percent. Defaults to 1.
without a (document-)request the php-module does nothing ;)

Posted: Mon Jan 20, 2003 3:50 am
by desmondlk
Dear volka,

I still do not understand what do u mean?

May u lead me the way?

Posted: Mon Jan 20, 2003 5:12 am
by volka
just request the page(-script) that creates the session, close the browser, wait a minute and open the page again in a new browser.
Directly before processing the second request the old, expired session data will be erased. Without any second request the module does nothing and the file will remain.
While it has not to serve an incoming request (afaik) php is inactive and can therefor not handle old session-data-files.