[thelist] PHP Sessions question

Carl J Meyer cjmeyer at npcc.net
Sat Dec 14 14:52:00 CST 2002


On Fri, 2002-12-13 at 10:21, Jake Aust wrote:
> Is there any way to tell if a particular session_id has expired...given that
> the program that is checking it is not running in the browser of the user
> that created the session?

Sure - how to do it depends on what session save_handler you're using.
I use a Postgres DB for handling my session data, so it's a fairly
simple matter of querying the session table.  Chances are you're using
the default handler 'files' (which you should be careful with, btw, as
it's not set up to handle concurrency issues very well), so session info
is stored in files in (I believe) the /tmp directory.  You'd have to
look into the format of those files and how you could pull the
expiration info out.

Alternatively, if you know the session ID, you might just be able to set
$_REQUEST['PHPSESSID'] = <session_id>
(where PHPSESSID is the session name) and then call session_start() and
check to see if some session data is set.  Haven't tried that so I don't
know for sure if it would work.

> Otherwise, is there a way to get the creation date of a file through PHP. I
> could do it that way...just check to see if the file is older than my
> session expiration setting.

Sure, this is likely the easiest way to solve your problem.  Check the
PHP manual (http://www.php.net/manual) on the functions filemtime(),
filectime(), fileatime().


More information about the thelist mailing list