Detailed explanation of how to set up a session with strict expiration time in PHP

This article mainly introduces the method of setting up a session in PHP that strictly controls the expiration time, which has a good reference value. Let’s take a look with the editor below

1.php session validity period

PHP’s sessiondefault validity period is 1440 seconds ( 24 minutes), If the client does not refresh for more than 24 minutes, the current session will be recycled and invalid.

When the user closes the browser, the session ends and the session will also become invalid.

You can modify session.gc_maxlifetime of php.ini to set the life cycle of the session, but there is no guarantee that the session information will be deleted immediately after this time is exceeded. Because GC is started based on probability, it may not be started for a long time. Then a large number of sessions are still valid after exceeding session.gc_maxlifetime.

2.session.gc_maxlifetime,session.gc_probability,session.gc_pisor description

session.gc_maxlifetime = 30 means when the session file is in 30 seconds If it is not accessed later, it is considered an expired session and is waiting for GC recycling.

The probability of GC process call is calculated through session.gc_probability/session.gc_pisor, and session.gc_pisor defaults to 1000,

If session.gc_probability = 1000, then the GC process will call it every time session_start() is executed to perform recycling.

Increasing the probability of session.gc_probability/session.gc_pisor will help, but it will have a serious impact on performance.

3. Strictly control the session expiration method

1. Use memcache/Redis to save the session and set the expiration time, because the recycling mechanism of memcache/redis is not According to the probability, it can ensure that the session will expire after expiration.

2. Only use PHP to implement it, create a session class, and write the expiration time when the session is written. When reading, determine whether it has expired based on the expiration time.

<?php
/**
 * Session控制类
 */
class Session{
  /**
   * 设置session
   * @param String $name  session name
   * @param Mixed $data  session data
   * @param Int  $expire 超时时间(秒)
   */
  public static function set($name, $data, $expire=600){
    $session_data = array();
    $session_data[&#39;data&#39;] = $data;
    $session_data[&#39;expire&#39;] = time()+$expire;
    $_SESSION[$name] = $session_data;
  }
  /**
   * 读取session
   * @param String $name session name
   * @return Mixed
   */
  public static function get($name){
    if(isset($_SESSION[$name])){
      if($_SESSION[$name][&#39;expire&#39;]>time()){
        return $_SESSION[$name][&#39;data&#39;];
      }else{
        self::clear($name);
      }
    }
    return false;
  }
  /**
   * 清除session
   * @param String $name session name
   */
  private static function clear($name){
    unset($_SESSION[$name]);
  }
}
?>

demo:

<?php
session_start();
$data = &#39;123456&#39;;
session::set(&#39;test&#39;, $data, 10);
echo session::get(&#39;test&#39;); // 未过期，输出
sleep(10);
echo session::get(&#39;test&#39;); // 已过期
?>

Related recommendations:

Session timeout in phpStrict controlExample_PHP tutorial

php Strict controlsession Expiration time_PHP tutorial

php Strictly control the expiration time of session_PHP tutorial_Programming technology

The above is the detailed content of Detailed explanation of how to set up a session with strict expiration time in PHP. For more information, please follow other related articles on the PHP Chinese website!