Suhas wrote:
Hello,
     I am trying to understand how sessions work. I have this code. My
understanding is after 1 sec of script completion, (may be little
after that), the session should destroy.

I understand that it is huge overhead for server, not planning to do
this but want to understand how it really works.

This server uses cookie to store session. Setings in php.ini file are
defaut (1440 and probility is 1)


ini_set('session.auto_start', '0');

this ini setting can onyl be set before php
starts - setting inside your script does nothing. I THINK.

session_id('SSP');

I wouldn't make the call to session_id() - not like that
anyway - insecure springs to mind - read more here:
http://php.net/session_id

IHMO you should just let php handle session id generation.

session_cache_limiter("nocache");

this function call determine the kind of
caching headers that will be sent.
yuor pages should not be cached by the browser
or any intermediary proxy.

ini_set('session.cookie_lifetime', '0');

this sets you session cookie to last for as long as you
keep the browser open.

ini_set('session.gc_probability', '100');
ini_set('session.gc_divisor', '100');
ini_set('session.gc_maxlifetime', '1');

these 3 ini setting have to do with garbage collection
(gc) of stale session data (files) - the numbers you use
100 & 100 mean that the garbage collector will be run
at the end of every request - thats very bad for performance.

session.gc_maxlifetime doesn't seem to be being honored ..
this may be down to your version of php, your OS, a combination
thereof - or it may even be that the value is too small to
be meaningful. or the session.cookie_lifetime may be
interfering - I just don't know but seems _like_ incorrect behaviour

bare in mind that although you are calling ini_set() on all these
setting that does not mean that any of the values you give are actually
being set successfully - use ini_get() after your call to session_start()
and echo out the results to determine what values are actually in
affect.

session_start();

indeed - you must call session_start() before trying to
use $_SESSION

if(!session_is_registered('count'))
  session_register('count');

echo ++$_SESSION['count'];

don't mix the use session_register() and the $_SESSION
superglobal - in fact just use the $_SESSION superglobal
and forget session_reigster completely i.e.
you can just do:

if (!isset($_SESSION['count'])) {
        $_SESSION['count'] = 0;
}

$_SESSION['count']++;


Any help will be appriciated!

HTH (I might need correcting on some of the details - anyone
care to chip in?)


Thanks
SP


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to