CodeIgniter Forums
How to have a session that never expires ? - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: Libraries & Helpers (https://forum.codeigniter.com/forumdisplay.php?fid=11)
+--- Thread: How to have a session that never expires ? (/showthread.php?tid=70876)

Pages: 1 2


How to have a session that never expires ? - Coool6 - 06-12-2018

Hello Dear CI Community,

I don't understand, i read the documentation and i set the sess_expiration on '0' as the doc said, but even with the tab always open in the browser (Chrome), the session never exceed 2 or 3 hours. After that time, the session file on the server is updated and the user data are removed... (i didn't define a save_path but it's automatically saved in the var/php folder of the server)

Here is my config code : 

PHP Code:
$config['sess_driver'] = 'files';
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 0;
$config['sess_save_path'] = NULL;
$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 300;
$config['sess_regenerate_destroy'] = FALSE

PHP Code:
$config['cookie_prefix']    = '';
$config['cookie_domain']    = '.mydomain.com';
$config['cookie_path']        = '/';
$config['cookie_secure']    = FALSE;
$config['cookie_httponly']     = FALSE

Ideally i would have at least a session that doesn't expire as long as the tab is open and in the best way, i would have a running session even when the user is off, in order to avoid to ask him to relog each time he comes to the website. 

If you have any ideas, it will be great !!  Heart

Thanks a lot !!

Cheers.


RE: How to have a session that never expires ? - php_rocs - 06-12-2018

I have some questions and comments...what version of CI are you using? Your session settings appear to be correct. Although only one of my cookie config settings is different: $config['cookie_domain'] is set to ''. Did you check your PHP.ini Session settings?


RE: How to have a session that never expires ? - Coool6 - 06-12-2018

(06-12-2018, 08:45 AM)php_rocs Wrote: I have some questions and comments...what version of CI are you using?  Your session settings appear to be correct. Although only one of my cookie config settings is different: $config['cookie_domain'] is set to ''.  Did you check your PHP.ini Session settings?

Thanks for your help, i use the 3.1.6

Before, the cookie_domain was see to '' and it was the same issue, i just changed it recently cause i found someone on Stack Overflow who recommended it, but it didn't fix anything  Huh

this is the extract of my phpinfo() for the session, first value is the the local value, second is the master value.
If you see something abnormal, don't hesitate to tell me Smile

The only diff are session.cookie_domain, session.cookie_httponly, [b]session.name,  session.save_handler, [b]session.sid_length and [/b][/b]session.use_strict_mode.

session.auto_start
Off
Off
session.cache_expire
180
180
session.cache_limiter
nocache
nocache
session.cookie_domain
.mydomain.com
no value
session.cookie_httponly
On
Off
session.cookie_lifetime
0
0
session.cookie_path
/
/
session.cookie_secure
Off
Off
session.gc_divisor
1000
1000
session.gc_maxlifetime
1440
1440
session.gc_probability
1
1
session.lazy_write
On
On
session.name
ci_session
PHPSESSID
session.referer_check
no value
no value
session.save_handler
user
files
session.save_path
/srv/data/var/php/www
/srv/data/var/php/www
session.serialize_handler
php
php
session.sid_bits_per_character
5
5
session.sid_length
32
26
session.upload_progress.cleanup
On
On
session.upload_progress.enabled
On
On
session.upload_progress.freq
1%
1%
session.upload_progress.min_freq
1
1
session.upload_progress.name
PHP_SESSION_UPLOAD_PROGRESS
PHP_SESSION_UPLOAD_PROGRESS
session.upload_progress.prefix
upload_progress_
upload_progress_
session.use_cookies
On
On
session.use_only_cookies
On
On
session.use_strict_mode
On
Off
session.use_trans_sid
0
0



RE: How to have a session that never expires ? - dave friend - 06-12-2018

The problem is here

PHP Code:
$config['sess_save_path'] = NULL

When using the file driver the value must be an absolute path to the folder to be used for the session files.

Read the Files Driver Documentation until you see the comment about absolute paths.


RE: How to have a session that never expires ? - Coool6 - 06-12-2018

(06-12-2018, 11:59 AM)dave friend Wrote: The problem is here

PHP Code:
$config['sess_save_path'] = NULL

When using the file driver the value must be an absolute path to the folder to be used for the session files.

Read the Files Driver Documentation until you see the comment about absolute paths.

Thanks for the info !  Heart
But i don't get it, actually when $config['sess_save_path'] is empty, the default path is "/srv/data/var/php/www" as you can see in my phpinfo()
Do i need to copy/past that in the $config['sess_save_path'] or do i need to create another custom folder ? 

Thanks a lot for your help !!


RE: How to have a session that never expires ? - dave friend - 06-12-2018

(06-12-2018, 12:18 PM)Coool6 Wrote: Thanks for the info !  Heart
But i don't get it, actually when $config['sess_save_path'] is empty, the default path is "/srv/data/var/php/www" as you can see in my phpinfo()
Do i need to copy/past that in the $config['sess_save_path'] or do i need to create another custom folder ? 

Thanks a lot for your help !!

Read the documentation one more time. Oh, never mind.  It says

Quote:[The files driver] doesn’t support PHP’s directory level and mode formats used in session.save_path,

Yes, you could explicitly set it like this.

PHP Code:
$config['sess_save_path'] = "/srv/data/var/php/www"

But that's not a good place if  /srv/data/var/php/www is where index.php is located. It is wise to put session storage outside a site's public accessible folders. You should consider creating a different folder. Perhaps /srv/data/var/php/sessions/. The owner should be www-data and with permissions set to 0700. If you were to create what was just described then you would use

PHP Code:
$config['sess_save_path'] = "/srv/data/var/php/sessions"



RE: How to have a session that never expires ? - Coool6 - 06-13-2018

(06-12-2018, 01:14 PM)dave friend Wrote:
(06-12-2018, 12:18 PM)Coool6 Wrote: Thanks for the info !  Heart
But i don't get it, actually when $config['sess_save_path'] is empty, the default path is "/srv/data/var/php/www" as you can see in my phpinfo()
Do i need to copy/past that in the $config['sess_save_path'] or do i need to create another custom folder ? 

Thanks a lot for your help !!

Read the documentation one more time. Oh, never mind.  It says

Quote:[The files driver] doesn’t support PHP’s directory level and mode formats used in session.save_path,

Yes, you could explicitly set it like this.

PHP Code:
$config['sess_save_path'] = "/srv/data/var/php/www"

But that's not a good place if  /srv/data/var/php/www is where index.php is located. It is wise to put session storage outside a site's public accessible folders. You should consider creating a different folder. Perhaps /srv/data/var/php/sessions/. The owner should be www-data and with permissions set to 0700. If you were to create what was just described then you would use

PHP Code:
$config['sess_save_path'] = "/srv/data/var/php/sessions"

I tried your solution but always the same issue, after a short time the session expires...
I don't get it  Sad Sad Sad


RE: How to have a session that never expires ? - dave friend - 06-13-2018

(06-13-2018, 07:52 AM)Coool6 Wrote: I tried your solution but always the same issue, after a short time the session expires...
I don't get it  Sad Sad Sad

When you say "the session expires" you mean that the session data is gone?

I have a GitHub Repository that is designed to test CodeIgniter (v3.x.x) session configuration. It contains one controller and one view file. Give it a try it may help you determine if you have a config issue or some other "logic" problem.


RE: How to have a session that never expires ? - php_rocs - 06-13-2018

@Coool6,
This probably doesn't matter but what version of PHP are you using?


RE: How to have a session that never expires ? - dave friend - 06-13-2018

Earlier I recommended

PHP Code:
$config['sess_save_path'] = "/srv/data/var/php/sessions"

Which might be wrong because it is missing a trailing slash. Try this.

PHP Code:
$config['sess_save_path'] = "/srv/data/var/php/sessions/"