URGENT! Session Clarification

j_smith123

I am new to Php and I am confused about how I should use sessions. Maybe one of you could help.

If a session ends while a user is still connected connected, how do I create a new session (or retrieve the expired session with all its session variables) so that the user can continue using the site for a duration well beyound that specified for the timeout in the php.ini file? Any ideas!!!???

thanks.

N.b: If I anyone could give me the URLs of some related articles, a million thanks to them also.

[deleted]

First, please don't put 'urgent' in your post, it doesn't help.

Second, please read the manual page about sessions. Sessions have a timeout parameter that is ofcourse reset everytime the user requests a page. What would be the point of having sessions if they just stop in the middle of a request?

j_smith123

First of all, my apologies for putting URGENT! in my subject - nobody replied to a first post: so I tried "the ugly thing". Notice that I have removed the word in compassion for those who cannot stand it.

Second, thanks Vincent for replying.

Third, I read the manual; may be the answer is there but it is not very clear.

Fourth, I think you misunderstood my question. Allow me to explain once again:

I am aware that there MUST be a timeout for a session. I understand that the timeout can be specified in the php.ini file through the session.cookie_lifetime which, when set to 0, implies that the session will remain valid for the duration that the browser remains open. There is also the session.gc_maxlifetime variable which represents, in seconds, the duration that the file pertaining to the session will remain ON THE SERVER, even if the session has expired - or the browser has been closed -, unless it is explicitly destroyed through session_destroy(). (I hope I have understood all this correctly...).

Problem: in my application, an administrator may have to spend a lot of time on a single page entering data. If it ever happens that during this process of data-entry, the session is timed-out( i.e he has been entering data for a duration greater than session.gc_maxlifetime), how can he retrieve the session variables of the timed-out session so that he can complete his entries and submit his data properly?

Note: Ideally, I would prefer to use session variables with a database (and no cookie on the client) for authentication and session management.

May be the answer is trivial but I'm having a hard time trying to find it.

I hope you will be able to help.
Thanks.

[deleted]

"how can he retrieve the session variables of the timed-out session so that he can complete his entries and submit his data properly? "

he can't/shouldn't. that would defeat the purpose of the expiration of sessions. 🙂

The most obvious thing you can do is just increase the timout parameter from a few minutes to several hours.

If you don't have any serious need for a 30 minute timeout, then a 7-8 hour timeout will do just as well.

j_smith123

The problem is that my application will be on a shared server where there will be numerous Php applications. These applications will be using the 30 minute timeout but my application should be using a different timeout (as you say 7 or 8 hrs). Is there a way to specify the timeout on a per application basis? Just like in ASP we can set the timeout of every application, can we do the same in Php?

Thanks