Php Session

Discussion in 'Pre-Sales Questions' started by Proxycity.com, Apr 5, 2004.

  1. Hi,
    Is there a way to limit how long a phpsessid is valid for? I noticed that using an url with the original phpsessid attached to the end of it will allow continued access to member area pages (user does not seem to be required to relogin after an expired session). Please let me know. Thank you.
  2. alex

    alex Administrator Staff Member

    Joined:
    Jan 24, 2004
    Messages:
    6,020
    Usually session is active until user closes all browser windows (or reboot computer), or logout from members area. You can limit session time by setting session.cookie_time in php.ini configuration file.
  3. alex

    alex Administrator Staff Member

    Joined:
    Jan 24, 2004
    Messages:
    6,020
    Usually session is active until user closes all browser windows (or reboot computer), or logout from members area. You can limit session time by setting session.cookie_time and session.gc_maxlifetime in php.ini configuration file.
  4. Thank you Alex
  5. ekikko

    ekikko Guest


    where is located the php.ini file ?

    thk
  6. alex

    alex Administrator Staff Member

    Joined:
    Jan 24, 2004
    Messages:
    6,020
    Usually it is at
    /etc/httpd/conf/php.ini
    but ask your hosting administrator.
    You can also put directives to .htaccess file like

    php_value session.cookie_time 3600
    php_value session.gc_maxlifetime 3600
  7. ekikko

    ekikko Guest

    alex , many many thanks

Share This Page