when using session_strat(), $_SESSION['something'] on a site, this i guess by default has a lifetime of 5 minutes; which should be set in php.ini(?)
Is there a way to extend this lifetime to any number of minutes? .htaccess solution would be the easiest if there's one.
should php_value session.gc_maxlifetime 6000 do it?
You need to be concerned with two separate issues:
How long the session data is retained on the server, which is controlled by the various session.gc_* settings
The lifetime of the session cookie, which is controlled by the session.cookie_lifetime setting (0 = until browser is closed)
session.cookie has to do with session_id()?
this should be ok for a session of one hour?
php_value session.gc_maxlifetime 3600
php_value session.cookie_lifetime 0 is it one hour total, or idle time?
one more thing, i'm kinda confused...
$HTTP_SESSION_VARS ["name"] is something different from $_SESSION['name'] ?
The time is since the last session_start() for that session.
$HTTP_SESSION_VARS is deprecated, so you should use $SESSION. (They are two separate arrays, with $HTTP_SESSION_VARS not being "super-global", whereas $SESSION is.)
Also note that garbage collection (gc) doesn't run on every request (unless you've configured it to do so, which seems rather resource heavy), so it's possible for the session to last much longer than one hour.
If you want the session to last a maximum of one hour (exactly), then you could store a timestamp in the session when it was first created and then check it every time you load the session.
mikawhat wrote:is it one hour total, or idle time?
gc only cares about "idle" time, you could say; the amount of time elapsed since the file was last modified.
Great. Thank you for your help guys!