On all my pages I use session_start() to initialize a session with the user. Every time a session is started, a new file is added to the MAMP/tmp/php/ directory with the session info for the user. I only use session_destroy() when the user clicks log out.
So I tested it and visited my site. A file is created. Now I close my browser, but the session file still remains in the folder. Can this get troublesome? At one point I had thousands of old, empty session files. Do I need to use some sort of script to clean up this folder every day or two?
there are currently 21,000+ session files in my /Applications/MAMP/tmp/php folder.
How can I guarantee that this doesn’t accumulate so heavily? I have tried your advice in the links, but it’s been about 20 days and the files have not been cleaned up automatically obviously.
Maybe it’s my PHP code? But I can’t call session_destroy() when the user closes his or her browser. That would work, to delete the files upon the user ending a session, but it’s not possible to code.
If the user clicks log out though then the session file will be removed from that folder… it’s just users dont always log out. And it doesn’t solve the problem for guests who don’t have accounts to log out of.
One way around the problem if the garbage collection doesn’t seem to work is to migrate the session storage over to storing sessions and have a cron job set up to delete a row in the session table if the current date and time is later then the expires date and time.
The moment the page hits the browser PHP is no longer running for that user. Also the GC_Probability that the GC will run is 1 in 1000th, that is 0.01% of the time by default settings. See the link I posted above.
Not in the current php.ini files that are shipped with PHP. In both “Production” and “Development” php.ini files set the divisor to 1000. Anyone using those get the default value of 1000.
; Defines the probability that the 'garbage collection' process is started on every
; session initialization. The probability is calculated by using the following equation:
; gc_probability/gc_divisor. Where session.gc_probability is the numerator and
; session.gc_divisor is the denominator in the equation. Setting this value to 1
; when the session.gc_divisor value is 100 will give you approximately a 1% chance
; the gc will run on any give request. Increasing this value to 1000 will give you
; a 0.1% chance the gc will run on any give request. For high volume production servers,
; this is a more efficient approach.
; Default Value: 100
; Development Value: 1000
; Production Value: 1000
session.gc_divisor = 1000