does anyone know the number 180, 1440, etc if there are in seconds, minutes, hours, days? i am trying to get the site to logout the user automatically after a certain amount of time about 90 minutes of inactivity can anyone help me with this? thanks! ini_set('arg_separator.output', '&'); ini_set('magic_quotes_runtime', 0); ini_set('magic_quotes_sybase', 0); ini_set('session.cache_expire', 180); ini_set('session.cache_limiter', 'none'); ini_set('session.cookie_lifetime', 0); ini_set('session.gc_maxlifetime', 1440); ini_set('session.save_handler', 'user'); ini_set('session.use_only_cookies', 1); ini_set('session.use_trans_sid', 0); ini_set('url_rewriter.tags', ''); OR ini_set('arg_separator.output', '&'); ini_set('magic_quotes_runtime', 0); ini_set('magic_quotes_sybase', 0); ini_set('session.cache_expire', 200000); ini_set('session.cache_limiter', 'none'); ini_set('session.cookie_lifetime', 2000000); ini_set('session.gc_maxlifetime', 200000); ini_set('session.save_handler', 'user'); ini_set('session.use_only_cookies', 1); ini_set('session.use_trans_sid', 0); ini_set('url_rewriter.tags', '');
The part you need to look at is in seconds. It's almost always seconds. ini_set('session.gc_maxlifetime', 5400); PHP: Note that this only tells the built-in garbage collection utility that the session can be deleted. To log the user off just check against a timestamp of the last activity and if ($current_timestamp<$last_activity+5400), boot them.
You would have to set it each time the user requests a page. I'm not sure how you handle your sessions, but even something like this would work: $timestamp=time(); if ($timestamp>$_SESSION['last_activity']+5400) {$_SESSION['last_activity']=$timestamp;} else {die('Your session has expired.');} PHP: Ideally you wouldn't exit out of the script like that, but it's just an example. Add your own code for logging them out, which may just be a message followed by a couple of lines starting a new session.
thanks...one more question if i use the following ini_set('arg_separator.output', '&'); ini_set('magic_quotes_runtime', 0); ini_set('magic_quotes_sybase', 0); ini_set('session.cache_expire', 200000); ini_set('session.cache_limiter', 'none'); ini_set('session.cookie_lifetime', 2000000); ini_set('session.gc_maxlifetime', 200000); ini_set('session.save_handler', 'user'); ini_set('session.use_only_cookies', 1); ini_set('session.use_trans_sid', 0); ini_set('url_rewriter.tags', ''); Do you think this would be ok to use for my site?
For the most part, although this ini_set('session.cache_expire', 200000); ini_set('session.cookie_lifetime', 2000000); ini_set('session.gc_maxlifetime', 200000); PHP: should be changed. Lower them to something more reasonable to avoid unnecessary clutter and possible session collision.
ok so i have changed it to ini_set('session.cache_expire', 18000); ini_set('session.cookie_lifetime', 0); ini_set('session.gc_maxlifetime', 18000); Code (markup): think this is good enough? i changed cookie lifetime to zero so when user exit's the browse it will log them out thanks for the help!
Happy to help. I would certainly recommend the cookie value be set to 0 unless you have a specific need for it to be anything else. As for the other values, it's really whatever you need for your application. You should decide how long you want those values to be in minutes/hours, and then convert from there. Keep in mind that session.cache_expire is set in minutes and session.gc_maxlifetime is in seconds, so your current values are 12.5 days and 5 hours, respectively. Compare these to the default values of 3 hours and 24 minutes. Evaluate your need to have these values set so high, especially considering the impact they might have on performance.
hey thanks alot i have made the session.cache 204 and maxlifetime 12240 thanks! hopefully this is good enough