Login timeout setting

by jtojnar, Tuesday, November 22, 2022, 17:11 (380 days ago) @ micha83x

Is there a different way to keep the session alive, e.g. by cron job?

Not really, at least not a simple one. You could copy the session cookie and then replicate a browser request using e.g. curl but that likely will not work on shared hosting so you would need an extra script. And then update the session cookie each time it expired.

I think your best option would indeed be setting session.save_path as you mention (sorry, I missed your last post). Something like the following patch should work after creating the data/cache/sessions directory (though I have not tested it thoroughly):

--- a/src/common.php
+++ b/src/common.php
@@ -11,6 +11,15 @@ use Monolog\Logger;
 require __DIR__ . '/constants.php';
+ini_set('session.gc_maxlifetime', 30 * 24 * 60 * 60); // 30 days
+// Use a custom session directory so that sessions are not garbage collected by other services.
+ini_set('session.save_path', __DIR__ . '/../data/cache/sessions');
+// Restore the default probability to make GC run in 1/100 requests.
+// This is in case a web host disables GC in favour of a cron script,
+// which would not know about our custom save path.
+ini_set('session.gc_probability', 1);
+ini_set('session.gc_divisor', 100);
  * @param string $message

Of the few downsides, I can see:

Complete thread:

 RSS Feed of thread

powered by my little forum