SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    SitePoint Addict
    Join Date
    Sep 2008
    Posts
    338
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    PHP clean-up of old sessions

    Can someone explain the whole session clean up / max life of a session thing.

    I have searched google/internet a lot - so please don't just post a link to php.net!!

    I suppose I want to know how to control:
    (1) when PHP automatically clears up individual set $_SESSION variables within a user's logged in occasion (ie like unsetting one session)
    (2) when PHP logs you out automatically for inactivity and clears the entire session (ie like session_destroy)

    I think the php.ini settings that cover this are:
    session.gc_maxlifetime
    session.cookie_lifetime

    Is there a known problem for shared servers against dedicated - where you don't have control on a shared of something? (I heard something about this)

    How is the best way to set all this up so I can control the 2 things mentioned?

    (I am sure in the past I have ignored this because it doesn't work - but that could be the shared server problem)

  2. #2
    SitePoint Evangelist simshaun's Avatar
    Join Date
    Apr 2008
    Location
    North Carolina
    Posts
    438
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    When garbage cleanup runs, it clears sessions whose last-modified is expired (session.gc_maxlifetime).

    (1): Are you talking about manually unsetting session vars? ... unset($_SESSION['var'])
    (2): Bump up session.gc_maxlifetime

    Shared servers - know that simply by bumping up session.gc_maxlifetime does not guarantee your sessions will last that long. On many shared servers, sessions for every account are stored in the same directory (/tmp). Even though your account has a 2hr session.gc_maxlifetime, some of your sessions may be deleted after 15minutes because somebody else's account has session.gc_maxlifetime set to 15min. Digg?

    This is why if possible, its a good idea to ensure your sessions are stored in a non-web-accessible directory; but one where everybody else's aren't stored.
    Me, each account on my server has its own tmp directory under their folder; For each account, I manually set the tmp directory through .htaccess. (Ex: /path/to/accountA/tmp/, /path/to/accountB/tmp)

    How is the best way to set all this up so I can control the 2 things mentioned?
    Custom php.ini, set it through .htaccess, or through PHP itself.

    If you're wondering how to do it through htaccess, well: (this may or may not work, depending on your server config)
    Code:
    php_value session.save_path "/var/www/vhosts/accountA/tmp"
    php_value session.gc_maxlifetime "10800"

  3. #3
    SitePoint Addict
    Join Date
    Jan 2002
    Location
    Southwest Florida
    Posts
    393
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If you change the session.save_path to something other than the server's default -- does the standard garbage collection delete those when they expire? Or does garbage collection only delete expired sessions in the server default (e.g., /tmp)?

  4. #4
    SitePoint Evangelist simshaun's Avatar
    Join Date
    Apr 2008
    Location
    North Carolina
    Posts
    438
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes the garbage collection will cleanup whatever you set the tmp directory to.
    Otherwise I'd have thousands upon thousands of no-good-expired-wasting-space-on-my-server tmp files all over.

  5. #5
    Web Professional
    Join Date
    Oct 2008
    Location
    London
    Posts
    862
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Bear in mind garbage collection is triggered with session_start() and it's not guaranteed that it will actually be performed.

    session.gc_probability
    session.gc_divisor

    Garbage collection is IO heavy so you if you have 1000 pageloads a minute you probably want to set probability to about 0.1 percent or less.

  6. #6
    SitePoint Addict
    Join Date
    Jan 2002
    Location
    Southwest Florida
    Posts
    393
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by simshaun View Post
    Yes the garbage collection will cleanup whatever you set the tmp directory to.
    Otherwise I'd have thousands upon thousands of no-good-expired-wasting-space-on-my-server tmp files all over.
    Oh, good. That was exactly what I was concerned about.


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •