php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #8501 session.gc.maxlifetime option dosen't work
Submitted: 2000-12-31 12:16 UTC Modified: 2001-01-03 05:38 UTC
From: bignat at mail dot com Assigned:
Status: Closed Package: Session related
PHP Version: 4.0.4 OS: linux
Private report: No CVE-ID: None
View Developer Edit
 [2000-12-31 12:16 UTC] bignat at mail dot com 
I tryed to limit cookieless session lifetime, but the session.gc_maxlifetime option does not work. I don't have the id's removed from the /tmp directory.

The POST/GET style lifetime is not builtin? then this is feature request! Thanx! You are great, guys!

I'm using a php 4.0.2 (apache module) on a linux OS.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-01-02 08:48 UTC] sniper@php.net 
Please try PHP 4.0.4 if this works with it.

--Jani
 [2001-01-02 12:38 UTC] bignat at mail dot com 
Now, by a coincidence, I can tell you that it works, but not correctly. I mean I've put in php.ini the session.lifetime=300 and session_gc_maxlifetime=300, but they are not purged after 5 minutes. I still can use that session after 5 minutes.. (i did it so to try it). But once, after more of 5 hours of working, I got a message like "Warning: ... 11 session id's purged.."
I think it works, but it seems to be 300 *minutes* or something, not seconds. Could you verify it?..
Thanx.
 [2001-01-02 18:23 UTC] sniper@php.net 
Maybe this would help:
---------------------------------------------------
session.gc_probability    = 1       ; percentual probability that the 
                                                    ; 'garbage collection' process is started
                                                    ; on every session initialization
---------------------------------------------------
This means that there is 1% probability that the session cleanup is 
even started.

---------------------------------------------------
session.gc_maxlifetime    = 1440    ; after this number of seconds, stored                                                                            ; data will be seen as 'garbage' and
                                                        ; cleaned up by the gc process
---------------------------------------------------
And this means, that IF the cleanup is started, then _only_ sessions older
than 1440 seconds are deleted.


--Jani
 [2001-01-03 05:38 UTC] bignat at mail dot com 
It just works perfectly!

I've read the #3793 bug and feedbaks. I don't have now any error (reported by me or there with windows). The gc.max_lifetime works fine and does not remove any other session id. I cannot work with the session after the expire time. The fact that the gc is started only when a session is started, does not matter, because when someone tries to use it, it will be purged..

There is one thing I want to emphasize. I learned from mathematics that probabilities are from 0 to 1, that is, a probability of 1 means 100%. That was confusing me, belivieng that things go wrong, even there is mentioned something about percentage in the gc.probability option.
I suggest you to put there (in the ini file) as default gc.probability=100 so that people could know the limits (or a note about limits, like 'max 100'). It can confuse many people who think like me, that 1 means 100%, when in fact means a very low prob to the gc to be started.

I realise that it is a good choice to put a lower value in the gc.probability option, because in a production environment with many sessions at a time, the gc could annoy  and decrease proceess velocity.. it is very well thought I think, but it should be better documented in the ini file, I repeat myself, just make known the limits of the gc.probability and in my opinion all will be much better.

Thank you so much!
Daniel BI
 
PHP Copyright © 2001-2026 The PHP Group
All rights reserved. 		Last updated: Fri Jun 26 15:00:01 2026 UTC