PHP :: Request #40275 :: FREQ: Ability to access sessions without increasing their lifetime

Request #40275	FREQ: Ability to access sessions without increasing their lifetime
Submitted:	2007-01-29 17:49 UTC	Modified:	2021-07-07 11:34 UTC
From:	graced at monroe dot wednet dot edu	Assigned:	cmb (profile)
Status:	Closed	Package:	Session related
PHP Version:	5.2.0	OS:	Irrelevant
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	graced at monroe dot wednet dot edu
New email:
PHP Version:		OS:

New Comment:

[2007-01-29 17:49 UTC] graced at monroe dot wednet dot edu

Description:
------------
It's not readily apparent whether there is any way to do this with PHP's built-in session handler, so I figured I would write a request:

It would be nice to have a way to access a session (ala session_start()) in such a way where the lifetime of that session is not extended.

The intended application is for a PHP script that responds to polling (through Javascript) every ~5 minutes to report any new events.  For example, Javascript code might poll the server periodically to see if the user has any new messages on a forum.

Using session_start() in this situation is not neccessarily ideal as it would keep the user perpetually logged in until their webbrowser was closed.  The idea is that interactive actions (a user clicking on a link to another page on the site or submitting a form) should continue to increase the lifetime of a session, but noninteractive ones should not.  However, they should still be able to access (and potentially modify) session variables.

Additionally, with this feature an additional function (session_lifetime_remaining?) which returns the number of seconds until a session expires would be ideal -- allowing a user to be warned of impending logout due to inactivity.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2016-12-30 23:56 UTC] cmb@php.net

-Package: Feature/Change Request +Package: Session related

[2021-07-07 11:34 UTC] cmb@php.net

-Status: Open +Status: Closed -Assigned To: +Assigned To: cmb

[2021-07-07 11:34 UTC] cmb@php.net

The session timestamp is supposed to be updated on write, not on
read.  So calling session_start() doesn't extend the lifespan of
the session, but rather the implicit session_write_close() at the
end of the script.  You can avoid that by calling session_abort().

> Additionally, with this feature an additional function
> (session_lifetime_remaining?) which returns the number of seconds
> until a session expires would be ideal

It wouldn't be possible to give the exact value, since that
depends on when the GC will actually be triggered.  But anyhow,
you could use a custom session handler to implement this.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Mon Jun 02 21:01:27 2025 UTC