hi all
i am using sessions in my site . i am a bit confused about i know definition of session id .but as far as i know it should be allocated new each time a new session is started.

1?) can smbdy tell me when do we say that a new session is started ..is it when we close and open browser window ..
is it when we press refresh button
or is it dependent on some session timeout factor

2?> how is garbage collector related to session timeout

3?> how is cookie expire time related to session timeout

as
in my case i set session.gc_maxlifetime=1 sec
just for testing purpose and did not write anything in session file for 1 minute so that garbage collector remove my old session file but
even after 3 minutes my old session data was retained
what can be the reason behind it
please tell

nidhi

__________________
nidhi

> can smbdy tell me when do we say that a new session is started

Sessions begin depending on whether or not a session is already active. When you call session_start() a cookie is sent to the client browser. That cookie remains active until either the session times out or the user closes the browser window. So if you have a session set up correctly, refreshing will just keep the current session active, unless you refresh after the session times out, in which case a new session would be started (provided the criteria for starting a new session is met).

> how is garbage collector related to session timeout

Garbage collection depends on the setting of three ini directives,

session.gc_divisor
session.gc_maxlifetime
session.gc_probability

session.gc_divisor and session.gc_probability determine when garbage collection will happen, this can be thought of as a percentage. If the divisor is 100 (it's default value) and the probability is 1 (it's default value), then upon every request to the server, there is a 1 in 100 (1%) chance that garbage collection will execute. If you want a greater certainty of garbage collection, just increase the probability value. If you increase that number to say 80, then there is an 80% chance that garbage collection will run on every request. I assume this system is meant to conserve resources. Then of course the maxlifetime directive defines the time at which a session will be considered expired, any time after it has expired, garbage collection can come to end the session, though as I've already said, that depends on the probability directive. When the probability directive is a low value, old, expired sessions are more likely to be revived.

> how is cookie expire time related to session timeout

The session cookie is destroyed when either the session times out or the browser window is closed, depending on which happens first.

HTH!

Regards,
Rich

--
Author,
Beginning CSS: Cascading Style Sheets For Web Design
CSS Instant Results

http://www.catb.org/~esr/faqs/smart-questions.html

sir a a looottta thanks for your detailed reply still i will be obliged if you tell me
1?> i closed browser window and opened it again and echoed my session id but unbelievably it ws same
as far as i ahve understood from ur explanation session shold be over as we close browser window but it is not happeneing what can be the reason

2? as i set garbage_max_lifetime=1 sec to check it but saw that even after 3 inutes session id was same den i feel you are right its because probability that garbage colector runs is very low in my case ..am i right ?..

3?>and sir which directive determines session time out time?...

nidhi

and sir please clear my doubt

?>somebody said that even if garbage collector running on server runs and deleted session file still while making connection next time in case if client sends the old session id to server from its cookie then also same session id will be used and it wont be considered as expired ?....?????? i am puzzled

?>he says that session will expire only in case your cookie times out ...no browser closing can expire session ?...

i saw this line in my php.ini file

Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 0
does this directive makes my cookie to store session id forever ?...please reply

actually
?>what is the flow between serever client using sesscion ...and transferring session id not using URL but using cookie
?>when a new session id comes into existence
is it when garbagecollector does its work may be less probable
is it finally when we close browser window
is it when cookie on client side times out

?>what happens if gc on server removes session file and client still possess cookie

?>what happens if client cookie expires and server has its file with it means no garbage collection yet done ?..

?>what happens if cookie timesout and browser is not closed ???>.......please please please clear my doubt


nidhi