Hello... I have a question about sessions; actually I guess the question is more about destroying them.
I'm using sessions for loging in and form validation purposes. Unforunately, session files appear to be building-up in the root of the site I am using them on. I figure I can use "session_destroy()" to take care the form validation session files. I figured I could also possibly use "session_destroy()" on a log-out page to take care of many session files that are used to keep users logged in. But what do I do to take care of the session files for those users who close the browser without logging out (destroying the session).
Right now it seems that those sessions will just sit in the root until they are manually removed. There are some that have been sitting on the root for days.
Any thoughts?by default php/apache have a garbage collection routine. it is a setting, either in php.ini file or in apache environment variables, set to about 30 minutes of inactivity. it will automatically delete them. but I have never seen it go to root of the site. you should have it in like /tmp or something.
but you shouldn't use session_destroy as that is deprecated in favor of unset().
also you should be using $_SESSION instead.
also, when you unset a session it clears it form the whole site unless you started it again.Thanks Scoutt...
These are my friend's site that I work on for him. He just switched hosting providers and his sites are now on an IIS box.
I guess the new hosting providers do not have that garbage collection routine implemented.
I will update my code as you suggested and see if my friend wants to contact the hosting provider about clean-up options.
Thanks for the info.
if it is IIS then I am not sure if they have one, but php still does.
session.gc_maxlifetime = 1440
that is what controls how long it is valid, then it gets cleaned up from the garbage collector, if IIS has one.Thanks again Scoutt!
I'll let you know how it works out
I'm using sessions for loging in and form validation purposes. Unforunately, session files appear to be building-up in the root of the site I am using them on. I figure I can use "session_destroy()" to take care the form validation session files. I figured I could also possibly use "session_destroy()" on a log-out page to take care of many session files that are used to keep users logged in. But what do I do to take care of the session files for those users who close the browser without logging out (destroying the session).
Right now it seems that those sessions will just sit in the root until they are manually removed. There are some that have been sitting on the root for days.
Any thoughts?by default php/apache have a garbage collection routine. it is a setting, either in php.ini file or in apache environment variables, set to about 30 minutes of inactivity. it will automatically delete them. but I have never seen it go to root of the site. you should have it in like /tmp or something.
but you shouldn't use session_destroy as that is deprecated in favor of unset().
also you should be using $_SESSION instead.
also, when you unset a session it clears it form the whole site unless you started it again.Thanks Scoutt...
These are my friend's site that I work on for him. He just switched hosting providers and his sites are now on an IIS box.
I guess the new hosting providers do not have that garbage collection routine implemented.
I will update my code as you suggested and see if my friend wants to contact the hosting provider about clean-up options.
Thanks for the info.
if it is IIS then I am not sure if they have one, but php still does.session.gc_maxlifetime = 1440
that is what controls how long it is valid, then it gets cleaned up from the garbage collector, if IIS has one.Thanks again Scoutt!
I'll let you know how it works out