I have a symfony2 project with a page to write the report of a meeting. It means the user can stay on this page and type for 2 hours without loading any new page. So when the user sends the form, his session has expired and he is sent to the login page. And he loses everything he typed.
I've already seen this post "symfony2 session lifetime" so here is my config.yml :
framework:
session:
handler_id: ~
cookie_lifetime: 86400
gc_maxlifetime: 108000
So a 24 hours cookie lifetime and a 30 hour garbage collector... Still, I tried staying 1 hour on the page and I am disconnected...
Any idea where to look at ? Thanks !
So, it looks like changing symfony's config.yml doesn't work. But after modifying the gc_maxlifetime to 108000 in my php.ini it works, I am not disconnected after some idle time.
I guess this might be linked to the handler_id: ~ (which is default), but I don't really know why... Anyway, works this way :)
Try these settings:
framework:
session:
cookie_lifetime: 60 #60 seconds
gc_maxlifetime: 50 #50 seconds - only needed for testing. Dont use this in a production environment
gc_probability: 1 #only needed for testing. Dont use this in a production environment
gc_divisor: 1 #only needed for testing. Dont use this in a production environment
You can see them over here: https://codedump.io/share/9eVPS5otSIuk
Related
There is Symfony 4 app with PdoSessionHandler where session duration is supposed to be 10 hours eg 36000 seconds.
framework.yaml has: cookie_lifetime: 86400
php.ini has: session.gc_maxlifetime 36000
However sess_lifetime in sessions table is still 1440.
How to make sure that session lifetime would be 10 hours?
Turned out that framework.yaml had another parameter that was overwriting php.ini value.
Changing this value helped:
framework:
session:
gc_maxlifetime: 36000
See https://symfony.com/doc/current/reference/configuration/framework.html#gc-maxlifetime
I try to change the session timeout in php so how it's possible.
and What is the default session timeout value in PHP?
I work on my XAMP localhost for development everyday.
I feel annoyed by phpmyadmin auto log out out quickly. Is there any way I change the session timeout?
Where can I set this timeout value?
Yes you can change it from php.ini file. The default is 24 minutes (1440 seconds).
Here is an link hope this link helps you.
max session time
Or you can also chage it in php connection file.
ini_set('session.gc_maxlifetime', 3600); //Make it one hour
How to change the default session lifetime in Silex.
The default value is 30mn;
The doc http://silex.sensiolabs.org/doc/providers/session.html#usage is giving a clue but doesn't show an example how to do it.
When I set a session like this:
$app['session']->set('username', 'my username');
The session variable is set but it expires in 30mn.
Silex uses the Symfony Components. You can set the expiration using the migrate method for a certain session.
E.g.: $app['session']->migrate(false, 3600);
Docs
To set the expiration for all sessions:
$app['session.storage.options'] = [
'cookie_lifetime' => 3600
];
Source
Don't forget that you must have some coherence between lifetime settings in Silex and lifetime settings in your php.ini.
By default, PHP lifetime sessions are set to 1440 seconds. If you don't change this default value, the session garbage mecanism (run by /etc/cron.d/php5) will remove "old" sessions (i.e. sessions with 1440 seconds of inactivity).
Here is the explaination of /etc/cron.d/php5 :
# This purges session files in session.save_path older than X,
# where X is defined in seconds as the largest value of
# session.gc_maxlifetime from all your SAPI php.ini files
# or 24 minutes if not defined. The script triggers only
# when session.save_handler=files.
#
# WARNING: The scripts tries hard to honour all relevant
# session PHP options, but if you do something unusual
# you have to disable this script and take care of your
# sessions yourself.
My Symfony2 application displays a main page, and from there on it primarily uses AJAX requests to display content to the user via modals.
I've noticed that after the user is idle for some period of time (around 15-30 minutes) the session is destroyed, and the user is logged out and needs to log in again. This is incredibly frustrating, since I can't expect users to log in again every time they've been idle for a few minutes.
As far as I can tell, this problem should not be happening according to my config.yml file, which is as follows:
framework:
session:
cookie_lifetime: 0 # Session lifetime in seconds
gc_maxlifetime: 28800 # Seconds after which data will be seen
# as garbage and potentially cleaned up
handler_id: ~ # Current using the default session handler
For completeness, my current environment is as follows:
Symfony 2.4.8
PHP 5.4
Session handler: default (file-based according to php.ini)
Ubuntu Server 12.10
Summary:
What should be happening: users should not be logged out, even after being idle for hours
What is actually happening: users are being logged out after being idle for 15-30 minutes
How can I fix this?
The problem:
It turns out that on Debian / Ubuntu systems, there is a system cronjob which runs every 30 minutes, cleaning out all "old" sessions. Herein lies the problem.
The cronjob doesn't actually know what constitutes "old". The cronjob simply calls a PHP-CLI script located at /usr/lib/php5/maxlifetime which then removes all session files that exceed a certain age. Since the script is involved by PHP-CLI, and independently of Symfony2, it has no idea what values you specified for gc_maxlifetime and cookie_lifetime in your Symfony2 config file. Instead, if just defaults to using the session.cookie_lifetime and session.gc_maxlifetime values from the /etc/php5/cli/php.ini config file, which by default, is 24 minutes. So no matter what you specify in your Symfony2 config file, if you are idle for too long, your session will be removed.
The solution:
Either delete the cronjob file at /etc/cron.d/php5 or,
Store your sessions in a database where they can't be touched by the cronjob
I set remember me cookie set to default, and then in security.yml
security:
firewalls:
main:
form_login:
remember_me: true
remember_me:
key: mycookie
lifetime: 2592000 # 30 days
path: /
domain: ~
always_remember_me: true
My first answer seems not suitable for your issue. Maybe this one will help.
Do you clear Symfony cache between your requests ?
Extract of symfony documentation :
save_path
type: string default: %kernel.cache.dir%/sessions
This determines the argument to be passed to the save handler. If you
choose the default file handler, this is the path where the session
files are created. For more information, see Configuring the Directory
where Session Files are Saved.
You can also set this value to the save_path of your php.ini by setting the value to null.
By default, Symfony stores sessions in the cache directory that is emptied while clearing cache...
Extract of symfony documentation :
cookie_lifetime
type: integer default: null
This determines the lifetime of the session - in seconds. It will use
null by default, which means session.cookie_lifetime value from
php.ini will be used. Setting this value to 0 means the cookie is
valid for the length of the browser session.
So, 0 is not infinite session BUT browser session... You should define a big amoutn of seconds and test it.
Travis T, I went the simplest route of all. I said
nano /etc/cron.d/php5
This opened the file showing the tremendously long crontab code that purges your session by default every 30 mins. The script was preceded by a #, and all I did was uncomment both lines by removing the #. So:
# Look for and purge old sessions every 30 minutes
# 09, 39, * * * * root #[ -x /usr/lib/php5/maxlifetime ] && [ etc
it's a long file.....]
I just removed the 2 #'s in front of Look and 09. That's it !
Summary: Application developed on PHP Symfony 1.4.8 loses symfony session values randomly but exclusively on specific production environment: array symfony/user/sfUser/attributes gets empty within seconds or minutes after user authentication. Issue doesn't occur on development machine or at any other production environment.
It seems to be clear the issue is specific to the failing server, However, I wonder if could there be any PHP / Apache / Symfony configuration I might be missing that could solve the issue at the failing server?
Failing Server PHP Info:
PHP Version 5.3.10
System SunOS 5.10
Apache/1.3.41 (Unix) PHP/5.3.10 mod_ssl/2.8.31 OpenSSL/0.9.8p
Max Requests Per Child: 0 - Keep Alive: on - Max Per Connection: 100
Timeouts Connection: 300 - Keep-Alive: 15
Session Support: enabled
Registered save handlers: files user sqlite
Registered serializer handlers: php php_binary
session.cache_expire: 180
session.cache_limiter: nocache
session.cookie_lifetime: 0
session.gc_divisor: 100
session.gc_maxlifetime: 1440
session.gc_probability: 1
session.use_cookies: On
session.use_only_cookies: On
Working Server PHP Info:
PHP Version 5.2.17
System Linux 2.6.32.59-sg2 #3 SMP
Apache/1.3.42 (Unix) mod_gzip/1.3.26.1a mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
Session Support: enabled
Registered save handlers: files user sqlite memcache
Registered serializer handlers: php php_binary wddx
session.cache_expire: 180
session.cache_limiter: nocache
session.cookie_lifetime: 0
session.gc_divisor: 1000
session.gc_maxlifetime: 1440
session.gc_probability: 1
session.use_cookies: On
session.use_only_cookies: Off
Symfony Session Settings for both servers at All environments:
storage:
class: sfSessionStorage
param:
session_name: webapp
user:
class: myUser
param:
timeout: 7200
I have already checked over this similar issue Symfony 1.4 sessions randomly lost, however I am not using the sfMemcacheCache class.
Let me know if you might need any extra info to answer this question.
This is probably an obvious thing to check, but maybe the server's out of disk space?
The default session store is file-based, so if you're losing data at random it sound like you're having some hard drive/file system issues.
If you're still curious, you can try changing the location where sessions are stored to another location, hopefully on a different disk.
You probably need to set following settings in your factories.yml file as :
storage:
class: sfSessionStorage
param:
session_name: webapp
session_cookie_lifetime: 2678400 # number of seconds for 1 month
& then remove your cache & reload the website and your SESSION COOKIE will stay active for 1 month.