Hi Matt, The user's browser will retain the session cookie as long as it is open unless "session.cookie_lifetime" is set to something other than zero in the php.ini or you can also set it in your script like this:
// set session cookie to expire in 30 minutes. ini_set("session.cookie_lifetime","1800"); If they don't close their browser they can leave and come back to your site and still have the same session. In I.E. you can even pop a new browser and the child browser will have the same session cookie as the parent.... feature or bug??? who knows. As far as the files in /tmp are concerned... There are two variables that control them in the php.ini 1) session.gc_maxlifetime 2) session.gc_probability if session.gc_maxlifetime is set to 1800 then php will see any files left in /tmp as garbage after 30 minutes. session.gc_probability is a percentual probability that any "garbage" will be deleted. Since any files left in /tmp will be useless to a browser that exceeded our 30 minutes they are not harmful but will need to be culled eventually to keep it from growing forever. If session.gc_probability was set 100 then every single time there was session activity the "garbage" files would be deleted. This could get to be too much extra overhead on a busy server so you could set it to something like 1 so that only every 1 out of a hundred times there was session activity the "garbage" files would be deleted. NOTE: if session.gc_maxlifetime is set to something less than session.cookie_lifetime and gc_probability is high (or you just get unlucky and the number comes up) session data on the server could be deleted and the user's browser would still have the old session cookie to a session that no longer exists. This means that the user will not be able to get another session and can make a mess of an ecommerce deal. I believe all three ini variables can be set by user via ini_set and I would strongly recommend taking advantage of that if you are on a shared server and cannot control what's in php.ini. http://www.php.net/manual/en/function.ini-set.php Sorry for the book. But sessions can be difficult to grasp if your new and I thought this was important. Jim Grill Support Web-1 Hosting http://www.web-1hosting.net ----- Original Message ----- From: "Matt Babineau" <[EMAIL PROTECTED]> To: "'PHP'" <[EMAIL PROTECTED]> Sent: Thursday, July 25, 2002 9:15 AM Subject: [PHP] Sessions, how they exist and die > My question is, if I have a user on my web site, and they leave and come > back does their session still exist? the file in the /tmp folder exists > until it is deleted by the OS? If the user comes back will they get > assigned the same session they had before? I know the questions are > pretty newbish but I have had experiences in other languages in the past > where this is the case. The session cookie stayed in the users browser, > so they kept getting the same session and not a new session if they left > and came back a day later. > > Matt Babineau > MCWD / CCFD > ----------------------------------------- > e: <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] > p: 603.943.4237 > w: <http://www.criticalcode.com/> http://www.criticalcode.com > PO BOX 601 > Manchester, NH 03105 > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php