Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > PHP/MySQL > PHP How-To
Password Reminder
Register
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
PHP How-To Post your "How do I do this with PHP?" questions here.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the PHP How-To section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old June 26th, 2006, 07:19 AM
Authorized User
 
Join Date: Jun 2006
Location: bombay, maharashtra, India.
Posts: 18
Thanks: 0
Thanked 0 Times in 0 Posts
Default what is session id and when does it expire

hi all
i am using sessions in my site . i am a bit confused about i know definition of session id .but as far as i know it should be allocated new each time a new session is started.

1?) can smbdy tell me when do we say that a new session is started ..is it when we close and open browser window ..
is it when we press refresh button
or is it dependent on some session timeout factor

2?> how is garbage collector related to session timeout

3?> how is cookie expire time related to session timeout

as
in my case i set session.gc_maxlifetime=1 sec
just for testing purpose and did not write anything in session file for 1 minute so that garbage collector remove my old session file but
even after 3 minutes my old session data was retained
what can be the reason behind it
please tell

nidhi
__________________
nidhi
Reply With Quote
  #2 (permalink)  
Old June 26th, 2006, 08:58 AM
richard.york's Avatar
Wrox Author
Points: 5,506, Level: 31
Points: 5,506, Level: 31 Points: 5,506, Level: 31 Points: 5,506, Level: 31
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: Camby, IN, USA.
Posts: 1,706
Thanks: 0
Thanked 6 Times in 6 Posts
Default

> can smbdy tell me when do we say that a new session is started

Sessions begin depending on whether or not a session is already active. When you call session_start() a cookie is sent to the client browser. That cookie remains active until either the session times out or the user closes the browser window. So if you have a session set up correctly, refreshing will just keep the current session active, unless you refresh after the session times out, in which case a new session would be started (provided the criteria for starting a new session is met).

> how is garbage collector related to session timeout

Garbage collection depends on the setting of three ini directives,

session.gc_divisor
session.gc_maxlifetime
session.gc_probability

session.gc_divisor and session.gc_probability determine when garbage collection will happen, this can be thought of as a percentage. If the divisor is 100 (it's default value) and the probability is 1 (it's default value), then upon every request to the server, there is a 1 in 100 (1%) chance that garbage collection will execute. If you want a greater certainty of garbage collection, just increase the probability value. If you increase that number to say 80, then there is an 80% chance that garbage collection will run on every request. I assume this system is meant to conserve resources. Then of course the maxlifetime directive defines the time at which a session will be considered expired, any time after it has expired, garbage collection can come to end the session, though as I've already said, that depends on the probability directive. When the probability directive is a low value, old, expired sessions are more likely to be revived.

> how is cookie expire time related to session timeout

The session cookie is destroyed when either the session times out or the browser window is closed, depending on which happens first.

HTH!

Regards,
Rich

--
Author,
Beginning CSS: Cascading Style Sheets For Web Design
CSS Instant Results

http://www.catb.org/~esr/faqs/smart-questions.html
Reply With Quote
  #3 (permalink)  
Old June 29th, 2006, 04:11 AM
Authorized User
 
Join Date: Jun 2006
Location: bombay, maharashtra, India.
Posts: 18
Thanks: 0
Thanked 0 Times in 0 Posts
Default

sir a a looottta thanks for your detailed reply still i will be obliged if you tell me
1?> i closed browser window and opened it again and echoed my session id but unbelievably it ws same
as far as i ahve understood from ur explanation session shold be over as we close browser window but it is not happeneing what can be the reason

2? as i set garbage_max_lifetime=1 sec to check it but saw that even after 3 inutes session id was same den i feel you are right its because probability that garbage colector runs is very low in my case ..am i right ?..

3?>and sir which directive determines session time out time?...

nidhi
Reply With Quote
  #4 (permalink)  
Old June 29th, 2006, 05:17 AM
Authorized User
 
Join Date: Jun 2006
Location: bombay, maharashtra, India.
Posts: 18
Thanks: 0
Thanked 0 Times in 0 Posts
Default

and sir please clear my doubt

?>somebody said that even if garbage collector running on server runs and deleted session file still while making connection next time in case if client sends the old session id to server from its cookie then also same session id will be used and it wont be considered as expired ?....?????? i am puzzled

?>he says that session will expire only in case your cookie times out ...no browser closing can expire session ?...

i saw this line in my php.ini file

Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 0
does this directive makes my cookie to store session id forever ?...please reply

actually
?>what is the flow between serever client using sesscion ...and transferring session id not using URL but using cookie
?>when a new session id comes into existence
is it when garbagecollector does its work may be less probable
is it finally when we close browser window
is it when cookie on client side times out

?>what happens if gc on server removes session file and client still possess cookie

?>what happens if client cookie expires and server has its file with it means no garbage collection yet done ?..

?>what happens if cookie timesout and browser is not closed ???>.......please please please clear my doubt


nidhi
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
identify which session variable expire neon20 Classic ASP Basics 0 September 4th, 2007 05:59 AM
how to redirect to logout page when session expire madhusrp ASP.NET 2.0 Basics 10 April 4th, 2007 08:16 AM
what is session id and when does it expire nidhimittal Beginning PHP 0 June 26th, 2006 07:20 AM
session id rbojja J2EE 2 February 13th, 2006 05:48 AM
session id rbojja J2EE 1 February 11th, 2006 01:22 PM



All times are GMT -4. The time now is 06:06 AM.


Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.