Prevent session expired in PHP Session for inactive user_问答_开发者

Prevent session expired in PHP Session for inactive user

开发者 https://www.devze.com 2023-03-05 06:19 出处：网络

I have a problem with my application: my application has many forms and need开发者_JAVA技巧 about 1 hour to finish this form because the form is dynamic (can add other forms). The problem is: the session of my web server is 24 minutes. When user fill the form, they spent so much time and the session timed out because server recognize that the user is inactive. It's very annoying when form submitted, most data was lost and the user is returned to the login page. I have tried to make my session expired in 10 hours with this code:

ini_set('session.gc_maxlifetime', '36000');

But it's not working in my server, is it possible my server preventing ini_set() function?

So, what should I do for solving this problem? Can I prevent session timeout so that the session can be expanded to 10 hours? Or can I disable session expiration?

Thanks

Instead of setting the time in ini to a fixed length, remind that session timeout is reset on reload. So create some ajax code that does a request every 5 minutes or so to a file (image or smth). This way the timer is reset every 5 minutes and users can spend a day filling out your forms.

Here an example to prevent session timeout by using a jQuery Ajax call:

var refreshTime = 600000; // every 10 minutes in milliseconds
window.setInterval( function() {
    $.ajax({
        cache: false,
        type: "GET",
        url: "refreshSession.php",
        success: function(data) {
        }
    });
}, refreshTime );

in the refreshSession.php you can do something like session_start()

I have had the same problem in the past. What I did to get around this was to place these two functions in a config file which gets included in every file.

session_set_cookie_params(86400);
ini_set('session.gc_maxlifetime', 86400);

and just for safe measure this line in my .htaccess file

php_value session.gc_maxlifetime 86400

Changing session.gc_maxlifetime using ini_set should work as long as you change the option before calling session_start. So doing the following should work:

ini_set('session.gc_maxlifetime', 36000);
session_start();

You can also change that option in other contexts (see ChazUK’s answer).

But I wouldn’t set the cookie’s lifetime to a fixed value but make the session’s cookie a real session cookie that lasts until the browser session is ended (i.e. on browser close). You can do this by setting session.cookie_lifetime to 0.

Do also consider that PHP’s session expiration model is a little quirky as the lifetime calculation is based on the session data’s last modification date.

How long a session cookie lasts is set when you create the session cookie. If you use the setcookie method, an argument of the method is the LENGTH for which you would like the cookie to last.

Please refer to the PHP manual on the method for additional information: http://php.net/manual/en/function.setcookie.php

<script>
    var refreshTime = 180000; // every 3 minutes in milliseconds
    $(document).ready(function(){
 setInterval(sessionCheck,refreshTime);
});
function sessionCheck() {
    $.ajax({
        cache: false,
        type: "GET",
        url: "refreshSession.php",// <?php session_start(); ?>
        success: function(data) {
        }
    });
    }
</script>