php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #45871 session.gc_max_lifetime max value?
Submitted: 2008-08-20 19:46 UTC Modified: 2009-02-06 17:14 UTC
From: brett at pineconehill dot com Assigned:
Status: Not a bug Package: Session related
PHP Version: 5.2.6 OS: Debian Etch/Lenny (2 machines)
Private report: No CVE-ID: None
View Developer Edit
 [2008-08-20 19:46 UTC] brett at pineconehill dot com 
Description:
------------
While debugging session time out issues, I set the "session.gc_maxlifetime' option in php.ini to 15778463 (6 months)  In doing so, after restarting the server, of course, I was not able to log on to my test site at all.  This was the only setting that was changed.  

I lowered the value until I reached a range that would allow logins again.  Lowering the value to 2400000 allowed a log in to occur.  It seems that somewhere around the 2500000 range is when it stopped permitting logins.

Logins are authenticated via a MySQL database.

It appears as if an unsigned value is accidentally being treated as a signed one.

Reproduce code:
---------------
session.gc_maxlifetime = 15778463

Expected result:
----------------
Logins would be allowed, and sessions would not expire within 6 months, as part of session troubleshooting.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-08-21 20:55 UTC] jani@php.net 
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.
 [2008-08-29 01:00 UTC] php-bugs at lists dot php dot net 
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2009-02-06 15:29 UTC] brett at pineconehill dot com 
We have narrowed this down to memcache session handlers.  

Steps to reproduce:

apt-get install memcached

compile memcache extension and add to php.ini file:

extension=memcache.so

sample script:

<?php
        ini_set('session.save_handler', memcache);
        ini_set('session.save_path', "tcp://localhost:11211");
        ini_set('session.gc_maxlifetime',15578463);
?>
 [2009-02-06 17:14 UTC] scottmac@php.net 
Memcache is the issue here. The number of seconds may not exceed 60*60*24*30 (number of seconds in 30 days);

Which is 2592000 seconds
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Mon Nov 03 12:00:02 2025 UTC