Connecting Tech Pros Worldwide Forums | Help | Site Map
bytes > topic > php > answers

questions about sessions

Marcus
Guest
  
Posts: n/a
#1: Jul 17 '05
Hi All,

First, just wanted to say that I found what I thought was a very helpful
tutorial on sessions in case anyone out there has questions on them:

http://www.free2code.net/tutorials/p...4/sessions.php

I've been using sessions for quite some time but only after reading this
do I really understand what is going on on both the client and server side.

Unfortunately, I still have some unanswered questions after reading it,
as it is pretty basic and gives a quick intro to sessions. For testing
purposes, I turned off all cookies in IE and attempted to sign into my
site on my local host, which uses sessions for signing in. In addition,
session.use_trans_sid = 0 in my ini file. I can't figure out how, but
somehow my scripts all still work and I am able to login fine, even
though cookies are disabled, as well as trans sid. How is my session id
being passed, as my understanding is these are the 2 possible methods?
There is no sessid propagated through the URL either, so it is not
through a get variable.

Also, I looked in my sessiondata folder and found a bunch of session
data. When I physically log out and kill a session, it removes it from
the folder. However, when I just close the browser window, it does not
remove the data from the folder. Reopening the browser right away
results in a new session and requires the user to login again, but the
old data from the previous session is still there. I checked my ini,
and found the default:

; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 1440

But this isn't working as far as I can tell because I have session files
from days ago, and according to this it should be deleted after 24 minutes.

Sorry for the long post, but thanks in advance for all help!!

Marcus

Ian.H
Guest
  
Posts: n/a
#2: Jul 17 '05

re: questions about sessions

On Tue, 03 Aug 2004 17:17:35 +0000, Marcus wrote:
[color=blue]
> ; After this number of seconds, stored data will be seen as 'garbage' and
> ; cleaned up by the garbage collection process.
> session.gc_maxlifetime = 1440
>
> But this isn't working as far as I can tell because I have session files
> from days ago, and according to this it should be deleted after 24 minutes.[/color]


Isn't that 1440 seconds? Inwhich case, that's 24 hours, not mins =)



Regards,

Ian

--
Ian.H
digiServ Network
London, UK
http://digiserv.net/
Ian.H
Guest
  
Posts: n/a
#3: Jul 17 '05

re: questions about sessions

On Tue, 03 Aug 2004 20:02:14 +0000, Ian.H wrote:
[color=blue]
> On Tue, 03 Aug 2004 17:17:35 +0000, Marcus wrote:
>[color=green]
>> ; After this number of seconds, stored data will be seen as 'garbage' and
>> ; cleaned up by the garbage collection process.
>> session.gc_maxlifetime = 1440
>>
>> But this isn't working as far as I can tell because I have session files
>> from days ago, and according to this it should be deleted after 24 minutes.[/color]
>
>
> Isn't that 1440 seconds? Inwhich case, that's 24 hours, not mins =)[/color]


Sorry, ignore my reply above.. [ makes mental note to engage brain
_before_ fingers ] it's been a long day =)



Regards,

Ian

--
Ian.H
digiServ Network
London, UK
http://digiserv.net/
Geoff Berrow
Guest
  
Posts: n/a
#4: Jul 17 '05

re: questions about sessions

I noticed that Message-ID:
<pan.2004.08.03.20.05.59.954000@bubbleboy.digiserv .net> from Ian.H
contained the following:
[color=blue][color=green]
>> Isn't that 1440 seconds? Inwhich case, that's 24 hours, not mins =)[/color]
>
>
>Sorry, ignore my reply above.. [ makes mental note to engage brain
>_before_ fingers ] it's been a long day =)[/color]

I have to teach basic skills numeracy in September if you are
interested...<g>

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Chung Leong
Guest
  
Posts: n/a
#5: Jul 17 '05

re: questions about sessions

"Marcus" <JumpMan222@aol.com> wrote in message
news:PMPPc.2588$hI.854722@newssvr28.news.prodigy.c om...[color=blue]
> ; After this number of seconds, stored data will be seen as 'garbage' and
> ; cleaned up by the garbage collection process.
> session.gc_maxlifetime = 1440
>
> But this isn't working as far as I can tell because I have session files
> from days ago, and according to this it should be deleted after 24[/color]
minutes.

I'm been just waiting for someone to ask that one :-)

The reason why the files are still there is because PHP does not garbage
collect on every request session expiration does not happen very often. It
does it only once in a while. The chance of garbage collection being trigger
on a given request equals session.gc_probability / session.gc_divisor. If
your set both to 100, then GC happens on every request.


--
Obey the Clown - http://www.conradish.net/bobo/
Ian.H
Guest
  
Posts: n/a
#6: Jul 17 '05

re: questions about sessions

On Tue, 03 Aug 2004 21:28:35 +0100, Geoff Berrow wrote:
[color=blue]
> I noticed that Message-ID:
> <pan.2004.08.03.20.05.59.954000@bubbleboy.digiserv .net> from Ian.H
> contained the following:
>[color=green][color=darkred]
>>> Isn't that 1440 seconds? Inwhich case, that's 24 hours, not mins =)[/color]
>>
>>
>>Sorry, ignore my reply above.. [ makes mental note to engage brain
>>_before_ fingers ] it's been a long day =)[/color]
>
> I have to teach basic skills numeracy in September if you are
> interested...<g>[/color]


Sign me up for 2 classes Geoff! lol

Just finished my 13 hour day.. and what an eventful evening =)



Regards,

Ian

--
Ian.H
digiServ Network
London, UK
http://digiserv.net/
Marcus
Guest
  
Posts: n/a
#7: Jul 17 '05

re: questions about sessions

Chung Leong wrote:[color=blue]
> "Marcus" <JumpMan222@aol.com> wrote in message
> news:PMPPc.2588$hI.854722@newssvr28.news.prodigy.c om...
>[color=green]
>>; After this number of seconds, stored data will be seen as 'garbage' and
>>; cleaned up by the garbage collection process.
>>session.gc_maxlifetime = 1440
>>
>>But this isn't working as far as I can tell because I have session files
>>from days ago, and according to this it should be deleted after 24[/color]
>
> minutes.
>
> I'm been just waiting for someone to ask that one :-)
>
> The reason why the files are still there is because PHP does not garbage
> collect on every request session expiration does not happen very often. It
> does it only once in a while. The chance of garbage collection being trigger
> on a given request equals session.gc_probability / session.gc_divisor. If
> your set both to 100, then GC happens on every request.
>
>[/color]

I believe the default for that is 1, which I assumed to mean 100% - all
that math and stats getting my CS degree trained me to think 1 is 100%
:-) Thanks for clearing that up, I will try it out.

Anyone have any ideas on the first part of my question with how the
session even is working with cookies off and trans_sid off? Thanks as
always.

Marcus
Marcus
Guest
  
Posts: n/a
#8: Jul 17 '05

re: questions about sessions

Marcus wrote:
[color=blue]
> I believe the default for that is 1, which I assumed to mean 100% - all
> that math and stats getting my CS degree trained me to think 1 is 100%
> :-) Thanks for clearing that up, I will try it out.
>
> Anyone have any ideas on the first part of my question with how the
> session even is working with cookies off and trans_sid off? Thanks as
> always.
>
> Marcus
>[/color]

Chung,

Continuing your last post, sorry but I forgot to ask, is there an
optimal value to set it to? i.e. does garbage collecting 100% of the
time have detrimental effects like slower performance? If not, I can't
see why it wouldn't be defaulted to 100%...

Marcus
R. Rajesh Jeba Anbiah
Guest
  
Posts: n/a
#9: Jul 17 '05

re: questions about sessions

Marcus <JumpMan222@aol.com> wrote in message news:<PMPPc.2588$hI.854722@newssvr28.news.prodigy. com>...
<snip>[color=blue]
> For testing
> purposes, I turned off all cookies in IE and attempted to sign into my
> site on my local host, which uses sessions for signing in. In addition,
> session.use_trans_sid = 0 in my ini file. I can't figure out how, but
> somehow my scripts all still work and I am able to login fine, even
> though cookies are disabled, as well as trans sid.[/color]
<snip>

Not at all possible. I guess 2 reasons:
1. You didn't _actually_ disable cookies
2. Your login script is buggy

--
| Just another PHP saint |
Email: rrjanbiah-at-Y!com
John Wellesz
Guest
  
Posts: n/a
#10: Jul 17 '05

re: questions about sessions

On 04 août 2004, Sir ng4rrjanbiah@rediffmail.com (R. Rajesh Jeba Anbiah)
claimed in news:abc4d8b8.0408032137.cfe79c3@posting.google.co m:
[color=blue]
> Marcus <JumpMan222@aol.com> wrote in message
> news:<PMPPc.2588$hI.854722@newssvr28.news.prodigy. com>...
> <snip>[color=green]
>> For testing
>> purposes, I turned off all cookies in IE and attempted to sign into
>> my site on my local host, which uses sessions for signing in. In
>> addition, session.use_trans_sid = 0 in my ini file. I can't figure
>> out how, but somehow my scripts all still work and I am able to login
>> fine, even though cookies are disabled, as well as trans sid.[/color]
> <snip>
>
> Not at all possible. I guess 2 reasons:
> 1. You didn't _actually_ disable cookies
> 2. Your login script is buggy
>[/color]


Just create a script that call phpinfo() and watch in the variable part if
IE send cookies.
Chung Leong
Guest
  
Posts: n/a
#11: Jul 17 '05

re: questions about sessions

"Marcus" <JumpMan222@aol.com> wrote in message
news:UjZPc.81$r_1.33142@newssvr28.news.prodigy.com ...[color=blue]
> Marcus wrote:
>[color=green]
> > I believe the default for that is 1, which I assumed to mean 100% - all
> > that math and stats getting my CS degree trained me to think 1 is 100%
> > :-) Thanks for clearing that up, I will try it out.
> >
> > Anyone have any ideas on the first part of my question with how the
> > session even is working with cookies off and trans_sid off? Thanks as
> > always.
> >
> > Marcus
> >[/color]
>
> Chung,
>
> Continuing your last post, sorry but I forgot to ask, is there an
> optimal value to set it to? i.e. does garbage collecting 100% of the
> time have detrimental effects like slower performance? If not, I can't
> see why it wouldn't be defaulted to 100%...[/color]

It slows things down a bit, but probably not by much. Then again, there's no
harm in keeping the expired session files around either. A few 100-byte
files won't kill your disk quota. And if you have hundreds of concurrent
sessions, that probably means you're getting thousands of page hits, so the
GC mechanism would be triggered often enough at the default setting.


--
Obey the Clown - http://www.conradish.net/bobo/
Closed Thread

« previous question | next question »

Similar PHP bytes

/bytes/development

/bytes/it

Forums
Visit our community forums for general discussions and latest on Bytes

Our staff and community areas have moved to bytes.com/forums/

/bytes/about

We are a network of experts and professionals in IT and software development that help one another with answers to tough questions and share insights. Get the best answers to your questions from over 226,471 network members.

dev questions:
algorithms | asp | asp.net | c/c++ | coldfusion | c# | flash | html/css | java | javascript |
mobile dev | .net | perl | php | python | ruby | software dev | vb.net | visual basic | xml
it questions:
access | apache | careers | db2 | iis | macosx | mysql | networking | oracle | postgresql | sql server | unix | windows

About Bytes | Copyright 1995-2009 BYTES. All rights Reserved