php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #58302 session.gc_maxlifetime should be not used.
Submitted: 2008-08-07 06:27 UTC Modified: 2008-09-11 14:27 UTC
From: zwxajh at gmail dot com Assigned:
Status: Wont fix Package: memcache (PECL)
PHP Version: 5.1.6 OS: linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: zwxajh at gmail dot com
New email:
PHP Version: OS:

 

 [2008-08-07 06:27 UTC] zwxajh at gmail dot com 
Description:
------------
memcache_session.c 
line 188

if (mmc_pool_store(pool, "set", sizeof("set")-1, key_tmp, key_tmp_len, 0, INI_INT("session.gc_maxlifetime"), val, vallen TSRMLS_CC)) {
...

I thought that the session data lifetime should be same with 'session.cookie_lifetime'.


Reproduce code:
---------------
memcache_session.c 
line 188

if (mmc_pool_store(pool, "set", sizeof("set")-1, key_tmp, key_tmp_len, 0, INI_INT("session.cookie_lifetime") == 0?INI_INT("session.gc_maxlifetime"):INI_INT("session.cookie_lifetime"), val, vallen TSRMLS_CC)) {
...

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-09-11 14:27 UTC] mikael at synd dot info 
From the session documentation

"session.gc_maxlifetime specifies the number of seconds after which data will be seen as 'garbage' and cleaned up."

This sounds a lot like an expiry timeout, i.e. after these number of seconds it's ok to flush the value, same as in how memcached handles expiry ttl's.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Wed Apr 24 00:01:32 2024 UTC