Resolves session expiration Settings for PHP

The answer, many on the Web, is to modify session.gc_maxlifetime in the php configuration file. Read on to learn more about the session recycling mechanism. (Environment php5.2 of this article)

Summary: For every php request, there is a 1/100 chance (default) that the "session recycle" will be triggered. If "session recycle" occurs, files for /tmp/sess_* are checked, and if the last modification has now exceeded 1440 seconds (the value of gc_maxlifetime), they are deleted, indicating that these session expired.

1. How does session exist at the server end (1 Apache with PHP module)?
The default, php session will be stored in the/tmp directory, file called like this: sess_01aab840166fd1dc253e3b4a3f0b8381. Each file corresponds to 1 session (session).
more /tmp/sess_01aab840166fd1dc253e3b4a3f0b8381
jiangfeng username | s: 9: ""; admin | s: 1: "0";
Type: length: value
Deleting the session file here means that the corresponding session is invalid.

2. How does session exist on the client side?
session on the browser side, just save session ID (the only ID generated by the server side). There are two ways to save it: in cookie and in url. If you save session ID from cookie, you can see that there is one PHPSESID variable in the browser's cookie. If it is transmitted by URL, you will see the following:
index. php? PHPSESID = 01 aab840166fd1dc253e3b4a3f0b8381 URL. (At the end of server, session.use_ES85en can control which way to use)

3. On the server side, how does php determine whether the session file is expired?
If "last modified" by "now" exceeds gc_maxlifetime (default is 1440) seconds, the session file is considered expired. On the next session recycle, if the file has not been changed, the session file is deleted (session expires).
Simply put, if I log into a site and haven't done anything in 1440 seconds (the default), then the corresponding session is considered expired.
So, changing the gc_maxlifetime variable in the php.ini file extends the expiration time of session :(for example, we change the expiration time to 86,400 seconds)
session.gc_maxlifetime = 86400
Then, restart your web service (1 apache).
Note: session expiration in php5 USES the recycle mechanism. The time is set to 86,400 seconds, and if session is not modified in 86,400 seconds, it is not really deleted until the next "recycle".

3. When does session "recycle" occur?
By default, there is a 1/100 chance that every php request will be recycled, so this might simply be understood as "every 100 php requests will be recycled". This probability is controlled by the following parameters
The # probability is gc_probability/gc_divisor
session.gc_probability = 1
session.gc_divisor = 100
Note 1: Assuming that gc_maxlifetime=120 in this case, if an session file was last modified 120 seconds ago, the session will still be valid until the next recycle (1/100 probability) occurs.
Note 2: If your session USES session.save_path to save session elsewhere, it is possible that the session recycling mechanism will not automatically process expired session files. At this time, manual (or crontab) deletion of expired session: cd /path/to/sessions should be timed. find-cmin +24 | xargs rm

4. 1 Some special cases
Since the recycle mechanism checks the "last modified time" of the file, if a session is active but the contents of session have not changed, then the corresponding session file has not changed, and the recycle mechanism will delete it as an session that has not been active for a long time. This is something we don't want to see, and can be solved by adding the following simple code:
< ?php if(!isset($_SESSION['last_access'])||(time()-$_SESSION['last_access']) > 60) $_SESSION['last_access'] = time(); ? >
The code attempts to modify session every 60 seconds.
Summary: If you want to change the session expiration time, just change the variable gc_maxlifetime. php5 USES a passive recycling mechanism (garbage collection). The expired session file does not disappear by itself, but rather processes the expired session by triggering the "recycle".