I am experiencing a problem with PHP Sessions and was wondering if either of you could maybe shed a little light on my issue.
I'm currently porting an intranet security script from an older version of PHP (4.0.6 => 4.3.4).
However, since re-development started we've noticed that the session variables don't seem to time-out and, unless you close your browser, they never die.
To remedy this, I attempted setting the session.cookie_maxlifetime variable in the PHP.INI, however this just resulted in the session staying alive for that set amount even if you DO close your browser. (ie. you re-open a new browser and the session is still open due to the cookie existing on your machine.) After doing some more extensive reading this appears to be correct so I decided to set it back to 0.
Having re-set the cookie_maxlifetime variable back to it's default 0 in the PHP.INI and restarting Apache, the cookie now NEVER dies even though it's supposed to according to the PHP manual.
Have done exhaustive searches on google for information but to no avail...
HELP!
- Nutimbo
Web Developer (and Sys.Admin while the SysAd department continue to be un-helpful)
