On Fri, 22 Nov 2002 15:08:31 +0100, you wrote: >I don't think the session handler checks session expiry - only gc does. I >haven't checked the PHP sources yet, but I found out that on my development >server (where we definetely don't have a lot of traffic ;->) session files >can persist over night, and the session is still available in the >morning... only when the gc_probability is hit (i.e. at the 100th access), >the file gets removed. At least with my PHP (4.2.2, RH 7.2).
Then I suppose it's just an added feature of the session handler I am using. Maybe the OP should give it a shot, as I use it and I definitely don't have a problem with expired sessions being reactivated. That's not to say that you cannot pass a SID that was given to you the day before, but all of the data that was associated with it will be gone using this custom session handler, and it will effectively be a new session with the same name. I'm using the MySQL based session handler which is available here: http://www.phpbuilder.com/columns/ying20000602.php3 FWIW... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
