防止PHP会话中的会话因非活动用户而过期

I have a problem with my application: my application has many forms and need about 1 hour to finish this form because the form is dynamic (can add other forms). The problem is: the session of my web server is 24 minutes. When user fill the form, they spent so much time and the session timed out because server recognize that the user is inactive. It's very annoying when form submitted, most data was lost and the user is returned to the login page. I have tried to make my session expired in 10 hours with this code:

我的应用程序有问题：我的应用程序有很多表单，需要大约1小时才能完成此表单，因为表单是动态的（可以添加其他表单）。问题是：我的Web服务器的会话是24分钟。当用户填写表单时，他们花了很多时间并且会话超时，因为服务器识别出用户处于非活动状态。表单提交，大多数数据丢失，用户返回登录页面时非常烦人。我尝试使用以下代码在10小时内使会话过期：

ini_set('session.gc_maxlifetime', '36000');

But it's not working in my server, is it possible my server preventing ini_set() function?

但它不能在我的服务器上运行，我的服务器可能会阻止ini_set（）函数吗？

So, what should I do for solving this problem? Can I prevent session timeout so that the session can be expanded to 10 hours? Or can I disable session expiration?

那么，我该怎么做才能解决这个问题呢？我可以阻止会话超时，以便会话可以扩展到10小时吗？或者我可以禁用会话到期吗？

Thanks

谢谢

5 个解决方案

#1

Instead of setting the time in ini to a fixed length, remind that session timeout is reset on reload. So create some ajax code that does a request every 5 minutes or so to a file (image or smth). This way the timer is reset every 5 minutes and users can spend a day filling out your forms.

不要将ini中的时间设置为固定长度，而是提醒重新加载时重置会话超时。因此，创建一些ajax代码，每5分钟左右对一个文件（图像或smth）执行请求。这样，计时器每5分钟重置一次，用户可以花一天时间填写表单。

#2

Here an example to prevent session timeout by using a jQuery Ajax call:

这是一个通过使用jQuery Ajax调用来防止会话超时的示例：

var refreshTime = 600000; // every 10 minutes in milliseconds
window.setInterval( function() {
    $.ajax({
        cache: false,
        type: "GET",
        url: "refreshSession.php",
        success: function(data) {
        }
    });
}, refreshTime );

in the refreshSession.php you can do something like session_start()

在refreshSession.php中你可以做类似session_start（）的事情

#3

I have had the same problem in the past. What I did to get around this was to place these two functions in a config file which gets included in every file.

我过去也遇到过同样的问题。我做的是将这两个函数放在一个配置文件中，该文件包含在每个文件中。

session_set_cookie_params(86400);
ini_set('session.gc_maxlifetime', 86400);

and just for safe measure this line in my .htaccess file

并且只是为了安全衡量我的.htaccess文件中的这一行

php_value session.gc_maxlifetime 86400

#4

Changing session.gc_maxlifetime using ini_set should work as long as you change the option before calling session_start. So doing the following should work:

只要在调用session_start之前更改选项，就可以使用ini_set更改session.gc_maxlifetime。所以做以下工作应该有效：

ini_set('session.gc_maxlifetime', 36000);
session_start();

You can also change that option in other contexts (see ChazUK’s answer).

您还可以在其他上下文中更改该选项（请参阅ChazUK的答案）。

But I wouldn’t set the cookie’s lifetime to a fixed value but make the session’s cookie a real session cookie that lasts until the browser session is ended (i.e. on browser close). You can do this by setting session.cookie_lifetime to 0.

但我不会将cookie的生命周期设置为固定值，但会使会话的cookie成为一个真正的会话cookie，持续到浏览器会话结束（即在浏览器关闭时）。您可以通过将session.cookie_lifetime设置为0来执行此操作。

Do also consider that PHP’s session expiration model is a little quirky as the lifetime calculation is based on the session data’s last modification date.

还要考虑PHP的会话到期模型有点古怪，因为生命周期计算基于会话数据的最后修改日期。

#5

How long a session cookie lasts is set when you create the session cookie. If you use the setcookie method, an argument of the method is the LENGTH for which you would like the cookie to last.

创建会话cookie时会设置会话cookie的持续时间。如果使用setcookie方法，则该方法的参数是您希望cookie持续的LENGTH。

Please refer to the PHP manual on the method for additional information: http://php.net/manual/en/function.setcookie.php

有关其他信息，请参阅该方法的PHP手册：http：//php.net/manual/en/function.setcookie.php

#1

#2