please help me

gca07738

I've been puzzling about session for a few day.
Therefore,I hope someone could help me.
(1.)
I try to use session with saving it to file (default:sess[id] in /tmp),
but I go through my homepage it doesn't show the "right" information obtained in storage.
Sometimes it showed the right value,but sometimes it showed nothing or "wrong" value.
I also send cat /tmp/sess[id]... ,yes,it changed indefinite time .Below is the file.
-------------------/tmp/sess_....

(emp_name|s:1:"xxx") or (emp_name|N😉

the xxx,I use the Chinese word(big5) it has been occur like above,but use English word it's OK.
why???

(2.)
I set the session.gc_maxlifetime=60 (seconds) in php.ini
It still alive when time is exceed 1 minute ,only that I close the brower.

sarahk

question about your question.

you say that if you close the browser the session remains. Does that mean the text file remains? If the user opens a new browser they shouldn't be able to access the session as they will have a new session id. Therefore your problem is the old text files...

Do you have to save them to a text file, what purpose does that serve?

Weedpacket

(2.)
This is normal; PHP doesn't delete old session files the instant they expire.

For one thing, PHP isn't necessarily running at that particular moment; it only runs in response to a request from a client.

For another, it would be horribly expensive in time and resources for PHP to go looking through the tmp directory for old session files every single time it runs. So instead it only cleans up occasionally. A randomly-selected 1% (by default) of the calls to session_start() to be precise. The default value for this garbage collection probability can also be adjusted in php.ini.

But as sarahk says, that shouldn't be a problem - as soon as the browser is shut down it is supposed to forget its session ID - so the browser can't supply the ID to the server when it makes a request, so the server gives it a new one instead.