How Does One Make a Session Persist?

General PHP Help
#1

I’m creating a site where members have to log in in order to access the site’s pages. I’m using sessions to log the members in. Each member has a unique session id that grants him access to the site. At the top of each of the sit’es pages, I authenticate the user using the following code.[php]

<?php //Start session session_start(); //Check whether the session variable id is present or not if(!isset($_SESSION['id']) || (trim($_SESSION['id']) == '')) { header("location: access_denied.php"); exit(); } ?>

[/php]

So this bit of code basically redirects the user to an access denied page, if the user isn’t authenticated otherwise, the user can access the page. Right below that bit of code, I have this code that ends the session after 15 minutes of inactivity.
[php]

<?php //address error handling ini_set ('display_errors', 1); error_reporting (E_ALL & ~E_NOTICE); //Get the current page url to pass on to the session expired page. $url=urlencode("http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']); if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 900)) { // last request was more than 15 minates ago session_destroy(); // destroy session data in storage session_unset(); // unset $_SESSION variable for the runtime header("location: session_expired.php?url=$url"); } $_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp ?>

[/php]

What do I need to do to keep the session permanently active until either the 15 minutes is reached or I manually sign out ? Often times the page upon refreshing, gets redirected to the access_denied.php which clearly indicates that my session id is not lingering on and gets destroyed prematurely. What do I do??

#2

make sure these values are at least 900 in your php.ini “session.gc_maxlifetime” and “session.cookie_lifetime”
900 is for 15minutes times 60 seconds. it is counted in seconds.

#3

@plintu . so where does one find the ini files?

#4

you should have one in your main directory, you might have to ask your host if they accept personally created ones that you would place in your main directory. if so then you just need to create one, here is an example one. you would have to adjust the settings as needed for your needs.
http://plintu.com/phpini.txt

Sponsor our Newsletter | Privacy Policy | Terms of Service