Home > Backend Development > PHP Tutorial > Teach you how to play with PHP and modify the survival time of SESSION

Teach you how to play with PHP and modify the survival time of SESSION

慕斯
Release: 2023-04-10 09:46:02
forward
3849 people have browsed it

We have learned so much about PHP. I wonder if you have fully mastered how to modify the survival time of SESSION in PHP. If not, then follow this article to continue learning. Bar

Requirement background:

The user hopes that after he logs in, the browser will help him remember the login status. This way he doesn't have to log in every time he logs in.

session expiration time:

If we do not set the session generation time, the default survival time in the configuration file is 1440 seconds

That is It is said that the session survival time is 24 minutes. Some people here may have such questions:

Why did I not log out after 24 minutes after logging in?

In fact, the session is invalid after 24 minutes. Why the user did not exit is due to the recycling mechanism of PHP.

In the configuration file php.ini, you can find these two configuration items. The comments above are basically the same. , which roughly means:

The occurrence of "recycling mechanism" during each session initialization is a probability event. This probability is derived from the following formula:

gc_probability divided by gc_pisor. If the gc_probability value is 1 and the gc_pisor value is 100, then the probability of triggering the "recycling mechanism" is 1%.

means that there may be 100 php requests, and there may be only one possibility of triggering the "recycling mechanism". So if the session has expired, but the "recycling mechanism" has not been triggered and the session file has not been deleted, then the session is still valid.

If you need to trigger the "recycling mechanism" very accurately and delete the session immediately after it expires, set both of the above values ​​to 1.

But this will extremely affect PHP performance.

SessionID survival time in cookie:

Generally we close the browser. If we do not set the sessionID expiration time separately, the browser will store the corresponding sessionID in the cookie. The sessionid is deleted.

We did not close the browser, and the session was invalid when the time was up. However, due to the recycling mechanism of PHP (refer to the following article: PHP session detailed explanation), it may not expire immediately.

For example:

<?php

session_start();

$_SESSION["username"] = "peter";

echo "登记的用户名为:".$_SESSION["username"];

?>
Copy after login

If we execute this code, we will check the expiration time of the sessionid of the website we just visited under Application under the Chrome browser


1969-12-31 means that the cache time is not set, and it will be deleted if you close the browser.

##In "Settings"->"Advanced"->"Content settings"->"Cookies"-> "See all cookies and site data" Select the website you want to view and you can also see session-related information.

We modify the above code to the following:

<?php

$lifeTime = 24 * 3600;

session_set_cookie_params($lifeTime);

session_start();

$_SESSION["username"] = "peter";

echo "登记的用户名为:".$_SESSION["username"];
?>
Copy after login

At this time, you can see that the expiration time of the session we set in the cookie has been modified.


Set the session lifetime time

1. The most effective way is to modify php.ini

#session的超时时间

session.gc_maxlifetime = 1440
Copy after login

2. Modify this value through php

<?php
$Lifetime = 3600;

$DirectoryPath = "./tmp";

is_dir($DirectoryPath) or mkdir($DirectoryPath, 0777);

//是否开启基于url传递sessionid,这里是不开启,发现开启也要关闭掉

if (ini_get("session.use_trans_sid") == true) {

ini_set("url_rewriter.tags", "");

ini_set("session.use_trans_sid", false);

}

ini_set("session.gc_maxlifetime", $Lifetime);//设置session生存时间

ini_set("session.gc_pisor", "1");

ini_set("session.gc_probability", "1");

ini_set("session.cookie_lifetime", "0");//sessionID在cookie中的生存时间

ini_set("session.save_path", $DirectoryPath);//session文件存储的路径

session_start();
?>
Copy after login

Note: If your website has customized session_save_path, you need to set the value for session.gc_probability, otherwise, your session will The sessionID file is never deleted.


3. Use increasing cookie time to increase session time in disguise

<?php
/**

* 下面只是设置了保存sessionid的那个时间,这样的结果是关闭浏览器后session仍可以用

* 实际并没有改变session的生存时间,如果session已经过期,这也就没有意义了

*/

//只会在用户第一次访问的时候设置保存sessionid的那个cookie的过期时间

$lifetime=600;

session_set_cookie_params($lifetime);#注意到放到start的前面

session_start();



//每次都设置保存sessionid的那个cookie的过期时间

$lifetime=600;

session_start();

setcookie(session_name(),session_id(),time()+$lifetime);

?>
Copy after login
//Same as above, it will be set every time

Note: Personally, I feel that either setting up the second method or combining the first and third methods can fundamentally solve the problem.

<?php

$lifetime=86400;

session_set_cookie_params($lifetime);

session_start();

session_regenerate_id(true);

?>
Copy after login

推荐学习:《PHP视频教程

 

 

The above is the detailed content of Teach you how to play with PHP and modify the survival time of SESSION. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:csdn.net
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template