问题
I'm seeing some odd and frustrating behavior with ZF2 sessions and timeouts.
Here's the code I use to set up the session:
$sessionConfig = new \Zend\Session\Config\StandardConfig();
$sessionConfig->setOptions(array(
'cache_expire' => 525949,
'cookie_domain' => 'mydomain.com',
'cookie_lifetime' => 31536000,
'cookie_path' => '/',
'cookie_secure' => TRUE,
'gc_maxlifetime' => 31536000,
'name' => 'mydomain',
'remember_me_seconds' => 31536000,
'use_cookies' => TRUE,
));
$sessionManager = new \Zend\Session\SessionManager($sessionConfig);
$sessionManager->rememberMe(31536000);
$sessionManager->setSaveHandler(new \Zend\Session\SaveHandler\MongoDB($mongo, $options);
$session = new \Zend\Session\Container('MY_SESSION', $sessionManager);
When I execute this code, the cookie gets created but the expiration is end of session.
If I change the code like this:
$sessionManager = new \Zend\Session\SessionManager();
$sessionManager->rememberMe(31536000);
$sessionManager->setConfig($sessionConfig);
$session = new \Zend\Session\Container('MY_SESSION', $sessionManager);
the cookie gets created and the expiration is a year from now.
However, the session still expires after 30 minutes or so, even though the cookie remains.
What I want is for both the cookie and session to persist for a year. How do I accomplish this in ZF2?
回答1:
It looks like the issue has to do with the handling of the gc_maxlifetime option. In \Zend\Session\SaveHandler\MongoDB, this value is taken from the PHP configuration, via ini_get('session.gc_maxlifetime');
I don't see anywhere in \Zend\Session\SessionManager where ini_set() is being called.
The solution, I think, is to do one of the following:
- Edit php.ini and set the value globally
- Edit .htaccess and add php_value session.gc_maxlifetime
- Extend \Zend\Session\SessionManager and add a new method that calls ini_set() if the gc_maxlifetime option is supplied.
来源:https://stackoverflow.com/questions/16567673/zend-session-sessionmanager-and-cookie-lifetime