1. Session timeout problemThere is a nuance we found with session timing out although the user is still active in the session.  The problem has to do with never modifying the session variable. The GC will clear the session data files based on their last modification time.  Thus if you never modify the session, you simply read from it, then the GC will eventually clean up. To prevent this you need to ensure that your session is modified within the GC delete time.  You can accomplish this like below. if(!isset($_SESSION["last_access"]) || (time() - $_SESSION["last_access"]) >= ...

There are many different discussions about PHP sessions. We may often face some weird issues while handling PHP sessions. Sometimes session is expired earlier than expected. Or sometimes the session is not expired. This introduces many confusions.Today we discuss how to set PHP session timeout correctly today. In php.ini, there are three key parameters which will affect the session timeout. session.gc_maxlifetime, session.gc_probability and session.gc_divisor. session.gc_maxlifetime defined the lifetime of a session in seconds which indicates when the session will be garbage collected. Then se...

By default, PHP uses the 'PHPSESSID' cookie to propagate session data across multiple pages, and by default it uses the current top-level domain and subdomain in the cookie declaration.Example: www.domain.comThe downside to this is that the session data can't travel with you to other subdomains. So if you started a session on www.domain.com, the session data would become unavailable on forums.domain.com. The solution is to change the domain PHP uses when it sets the 'PHPSESSID' cookie.Assuming you have an init file that you include at the top of every PHP page, you can use the ini_set() functi...

A few minutes ago, I noticed one strange thing when I did my PHP web application development.The situation is described below:I want to display a user's profile using a query parameter user=user_id as the parameter. And also the session variable when user logs in  is $_SESSION["user"].So before displaying the user's profile, I need to either get the query string parameter user and create a local variable called $user and assign value to it as $user=$_REQUEST["user"].Here comes the strange thing,every time after the local variable $user is changed,the session variable $_SESSION["user"] is ...