First are you sure the data was not deleted? If the cookie is still set in your browser a new session file will be created with the same session id.
I believe you adjust the session gc and the session max lifetime, additionally if you are concerned about someone bookmarking a sessionid or storing it in history take a look at the session.referer_check configuration directive: ; Check HTTP Referer to invalidate externally stored URLs containing ids. ; HTTP_REFERER has to contain this substring for the session to be ; considered as valid. session.referer_check = Obviously it wont work with some browsers and referer is sent by the client but every little bit helps. Jason On Thu, 2003-01-09 at 20:09, Matias Silva wrote: > I have gone through the past posts and can't find an answer to my problem > > I'm using a URL based session management schema, and I was wondering how to > set > the session duration time. I know there is the session.gc_probability and > session.gc_maxlifetime but > that's only for garbage collection. Just for testing I set the probability > to 100 and the maxlifetime to 60 > just to see if my session would automatically expire, as my luck would have > it didn't. I use session_start() > in my test scripts so that should run with a 100% probability any garbage > clean up of any sessions > that are 1 minute old. > > I have the session.use_cookies set to 0 and, the session.cookie_lifetime > only applies to cookies. So I don't > know why my sessions are not expiring. Does anybody have any Idea? Should > I just be manually checking > for the duration of the session(?) and then delete it if it has expired? > > Best, > Matt > > > Matt Silva > ---------------------------------------------------------------------------- > ----------------------------------------- > Empower Software Technologies > [EMAIL PROTECTED] > PH 909.672.6257 > FX 909.672.6258 > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
