databaseSession_lifetime is ignored if session.gc_maxlifetime is higher #8134
Labels
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
Basic Information
I moved my forum to a new server that has session.gc_maxlifetime set to one week in php.ini. My SMF sessions table then grew so large that its cleanup queries were taking 10+ minutes and blocking other connections. I see that the Cookies and Sessions settings page has a "Seconds before an unused session timeout" setting (mine is set to 2880), which corresponds to a databaseSession_lifetime variable. But in the sessionGC() function in Session.php, that gets ignored if it is lower than session.gc_maxlifetime.
I see why a lower value would be ignored in that function, because that function will only be called as often as session.gc_maxlifetime anyway. But it isn't mentioned on the settings page or in the help text that this setting will be ignored. I think you could resolve this by setting session.gc_maxlifetime to the databaseSession_lifetime value in the loadSession() function. Then SMF would use the "Seconds before an unused session timeout" setting regardless of the php.ini settings.
BTW, the one week session.gc_maxlifetime value in php.ini is appropriate for the other applications on my server, so the ability to override it specifically for SMF would be ideal. Since that setting is already displayed in SMF, we're almost there, and just need to use that value in all cases.
Steps to reproduce
Expected result
The number of sessions more than 2880 seconds old would remain fairly small, resetting each time the garbage collection runs.
Actual result
The number of sessions more than 2880 seconds old grows continuously for a week at a time.
Version/Git revision
2.1.4
Database Engine
MySQL
Database Version
8.0.30
PHP Version
8.0.30
Logs
No response
Additional Information
No response
The text was updated successfully, but these errors were encountered: