Updated, see the section regarding Symfony session configuration in PHP.ini
I have a website that contains multiple pages that are created using PHP and the Symfony v2.8 framework. For most of the pages in my website the default HTML/PHP session timeout is fine, but I have a couple of webpages that I'd like to keep the HTML/PHP session 'alive' indefinitely while the user is on those webpages.
I'm not the only one asking about this, see How to extend session cookie lifetime in Symfony?, which doesn't actually have an answer that extends the session 'life' of selected webpages as of this date, it only shows how to set the session expiration of all webpages in the site that use the same config.yml page, which is definitely not what I want to do.
I may be confused about the sessions, but from my understanding there seems to be two sessions, one for the HTML webpage that the user sees in the browser and one for PHP that controls how long variables keep their assigned values.
Either way, I have a login webpage where after successfully logging-in a login-expiration limit value is generated and then passed to the pages that the user navigates to within my website. As the user navigates to different page within my website or one of those web pages performs AJAX calls, the server checks that the requests occurred before the webpage's login-expiration limit value. If so then the request is honored and the new content is returned to the browser. If not, then the user is redirected to a webpage that tells them that they have been logged-out and provides a link to the original login webpage where the they may again log back in to continue to use my website.
This login and login-expiration limit is actually an artificially mechanism that ends and restarts the HTML/PHP session when new webpages are served to the user's browser, which works fine. If the user waits long enough, then the real PHP session expires and the server redisplays the initial homepage, where the user can choose to log back in, except that the PHP variables values that were set in the previous session are lost to the new session. This is a problem for me because the original URI query parameters in the user's original homepage request are used to configure the overall look of my website, which are lost, and the server sends the default webpage to the browser.
For most of my webpages, except for the loss of the PHP variable values, this is exactly what I want, but on a few webpages which act like a kiosk, I want to have the HTML/PHP sessions not timeout and solely rely on the regularly recurring AJAX calls that refresh the contents on those webpages and keep them alive. This works well for extending my artificial login limit, but these AJAX calls aren't preventing the HTML/PHP sessions from expiring, which eventually is seen when the user tries to navigate away from these pages or when a server error occurs when a server-side variable has lost its value.
How can I programmatically extend the 'life' of the HTML/PHP sessions with each AJAX call that the session receives or set it to indefinitely stay 'alive' when these pages are first served?
Symfony session configuration in PHP.ini
I'm including some of the entries in the PHP.ini Session section that configure how sessions are implemented in my Symfony/PHP.
[Session]
?��
; Initialize session on request startup and recommended by Symfony v2.8.
session.auto_start = 0
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 0
?��
; Defines the probability that the 'garbage collection' process is started
; on every session initialization. ...
session.gc_probability = 1
; Defines the probability that the 'garbage collection' process is started on
; every session initialization. ...
session.gc_divisor = 1000
; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 1440
?��
; Set to {nocache,private,public,} to determine HTTP caching aspects
; or leave this empty to avoid sending anti-caching headers.
session.cache_limiter = nocache
; Document expires after n minutes.
session.cache_expire = 180
?��
Here is an official Symfony v2.8 article on how to interact with Symfony sessions, Session Management, but it doesn't talk about extending sessions. The session.cookie_lifetime = 0 setting assignment from the PHP.ini Session section controls the "Lifetime in seconds of cookie or, if 0, until browser is restarted". However, this doesn't actually appear to work as described, because after a while, at least an hour or more, if the user navigates to another webpage in my site, away from one of the webpages that use AJAX calls to update the user's login expiration limit to prevent the user from being automatically logged-out, the user IS logged-out and redirected to my website's homepage, but the variables controlling how the website looks loose their values and the homepage is shown with the default values.
Note, in this case, the user being logged-out isn't a problem, but the loss of the variables is.
Saving these values in the browser's local storage doesn't seem like a good idea because the server would have to send a page to the user's browser and have the new webpage fetch and send them back to the server so that these values could be used in creating additional webpages.
Storing these values in a database also is a problem because the server has lost the variables that would allow the web-app to look-up the database record. Note, the webpages already send these login-id and login-expiration limit values in the page request, but these can't be used to access server-side variables after they are lost. Also, there is the problem that anything stored in the database would simply clutter up the database should a user not logout and simply go to a website outside my own, but not return. I'd need to implement additional garbage collection to prevent this. This is not optimal unless there really isn't a better way to do what I'm trying to do in order to maintain the server-side variables in a user's session.
Thank you.
You can use subdomains for those specific pages where you want extended session time. For those subdomains you can increase the timeout keeping the main domain session timeout unchanged.
e.g let assume your domain is abc.com which has a timeout of 30 min. You need to have a subdomain like mno.abc.com and have a timeout of 60 min. When user clicks on the specific links with mno.abc.com they will have 60 min session timeout. You can share session information between abc.com and mno.abc.com see Sharing SESSION Variables Between Multiple Subdomains for additional reading.
Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.
Find the answer in similar questions on our website.
Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.
PHP (from the English Hypertext Preprocessor - hypertext preprocessor) is a scripting programming language for developing web applications. Supported by most hosting providers, it is one of the most popular tools for creating dynamic websites.
The PHP scripting language has gained wide popularity due to its processing speed, simplicity, cross-platform, functionality and distribution of source codes under its own license.
https://www.php.net/
Symfony compares favorably with other PHP frameworks in terms of reliability and maturity. This framework appeared a long time ago, in 2005, that is, it has existed much longer than most of the other tools we are considering. It is popular for its web standards compliance and PHP design patterns.
https://symfony.com/
HTML (English "hyper text markup language" - hypertext markup language) is a special markup language that is used to create sites on the Internet.
Browsers understand html perfectly and can interpret it in an understandable way. In general, any page on the site is html-code, which the browser translates into a user-friendly form. By the way, the code of any page is available to everyone.
https://www.w3.org/html/
Welcome to the Q&A site for web developers. Here you can ask a question about the problem you are facing and get answers from other experts. We have created a user-friendly interface so that you can quickly and free of charge ask a question about a web programming problem. We also invite other experts to join our community and help other members who ask questions. In addition, you can use our search for questions with a solution.
Ask about the real problem you are facing. Describe in detail what you are doing and what you want to achieve.
Our goal is to create a strong community in which everyone will support each other. If you find a question and know the answer to it, help others with your knowledge.