Php session expiring
Hi everybody.
I have a problem with PHP sessions.
I have developed a backend for a mobile app developed by another team of devs. The app send requests to my php scripts which collects data and send them to the mobile app.
The problem is that I have used PHP sessions and this way, if the mobile app doesn't send requests for 30 minutes, the session expires and the php scripts return bad or null values.
I have now to manage this issue and I'm wondering what is the best way to do it. Can I set the php.ini in order to make sessions never expire? Or do I have to tell developers to use Ajax to prevent session expiring? Or there is some better way?
Thanks for any suggestion :)
I have a problem with PHP sessions.
I have developed a backend for a mobile app developed by another team of devs. The app send requests to my php scripts which collects data and send them to the mobile app.
The problem is that I have used PHP sessions and this way, if the mobile app doesn't send requests for 30 minutes, the session expires and the php scripts return bad or null values.
I have now to manage this issue and I'm wondering what is the best way to do it. Can I set the php.ini in order to make sessions never expire? Or do I have to tell developers to use Ajax to prevent session expiring? Or there is some better way?
Thanks for any suggestion :)
Jan Louwerens
If the requests coming in have that much time separating them, you might want to consider storing the data in a database, rather than in the session.
You need to rewrite your code. PHP session 'timers' are intentionally unreliable. They are NOT intended to be used as timers but as the minimum time before starting garbage collection. If you are the only one on that server, you can change the session timeout. If you are Not the only one, then you will find out that the lowest timeout is the one that is used and that changing yours will have no effect.
By the way, if sessions never expire, that means you will collect the files containing $_SESSION[] data until all the disk space is used up.
By the way, if sessions never expire, that means you will collect the files containing $_SESSION[] data until all the disk space is used up.
ASKER
Thank you both, guys.
Okay I understand your points and I realize I didn't explain my problem in the right way.
Let's me clarify. When the user open the app and does the login, a session is stored on the server and the user id is saved in a session variable. This is the value I repeatedly check in various scripts when the app sends a request. If the app doesn't send any request for 30 minuts the user id value expires and the next request fails.
I could arrange things to make the app save the user id in a local database (or/and in local Storage) and then send tthe value with any request and just drop the PHP session. But there are some operations which involve several scripts in sequence and there it would better to use sessions.
Or maybe there is some other way to manage things I didn't think about...
What's your thought?
Okay I understand your points and I realize I didn't explain my problem in the right way.
Let's me clarify. When the user open the app and does the login, a session is stored on the server and the user id is saved in a session variable. This is the value I repeatedly check in various scripts when the app sends a request. If the app doesn't send any request for 30 minuts the user id value expires and the next request fails.
I could arrange things to make the app save the user id in a local database (or/and in local Storage) and then send tthe value with any request and just drop the PHP session. But there are some operations which involve several scripts in sequence and there it would better to use sessions.
Or maybe there is some other way to manage things I didn't think about...
What's your thought?
Actually, we understand perfectly because we've answered and 'solved' this question many times already. First, PHP sessions expire because of lack of activity. Standard time-out is 24 minutes from the Last access. If you have "several scripts in sequence" they will keep the session alive because the time-out is reset with every access. If you access pages in a session every few minutes, you can keep a session open indefinitely, for days, weeks, even years and decades.
Sessions are only for short term access. I always use a database for the important info. That way (with appropriate coding), the user can come back days later and use it again.
Sessions are only for short term access. I always use a database for the important info. That way (with appropriate coding), the user can come back days later and use it again.
ASKER
@Dave: I don't understand the relation between your comment and my question. But if you have solved the same question so many times, maybebyou can just post a link to some of those threads...
Since you can't control how long between accesses, use a database instead of sessions. I leave it to you to look up the many questions here about PHP sessions. Almost all of the problems arise from a misunderstanding of what sessions are good for.
ASKER
But I'm not using session to store data, just the logged user id: it looks like a standard use of the session to me...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Chris. Yes, sure. I should have thought by myself! But I didn't :) Thank you so much.