Set Session Expiration Time Manually-CodeIgniter

session automatically expires in codeigniter
codeigniter session timeout problem
how to set session in codeigniter with example
codeigniter session expiration not working
codeigniter session timeout inactivity
session not working in codeigniter
codeigniter get session data in controller
codeigniter set session in model

How can I set session expiration time dynamically in codeigniter?

For example, if a user logs in and has the role of admin, the expiration time should be longer than if a user logs in who does not have an admin role.

Thanks.

You can update your session expiration time by increasing this variable in config file:

$config['sess_expiration'] = 'somevalue'.

Set $config['sess_expiration'] = 0, if you want it to never expire.

Here's a good discussion on CI forums:

Dynamically set configuration on session expire doesn’t work

Session Library, To initialize the Session class manually in your controller constructor, use the If the expiration is omitted or set to 0, the default time-to-live value of 300  You can update your session expiration time by increasing this variable in config file: $config['sess_expiration'] = 'somevalue'. Set $config['sess_expiration'] = 0 , if you want it to never expire.

$data = array(
'username' => $this->input->post('username'),
'ADMIN_is_logged_in' => true
);

$this->session->sess_expiration = '14400';// expires in 4 hours
$this->session->set_userdata($data);// set session

Session Library, Dynamically set configuration on session expire doesn't work I have created an authentication library which uses CodeIgniter's session class. By default the session cookie remains alive for 7200 seconds as set on [quote author="​nlogachev" date="1277319393"]I needed to do the same thing, and  CodeIgniter also supports “tempdata”, or session data with a specific expiration time. After the value expires, or the session expires or is deleted, the value is automatically removed. Similarly to flashdata, tempdata variables are managed internally by the CodeIgniter session handler.

None of these solutions address doing this dynamically or require another variable to be added to the session. The solution I came up with for CI 3.0.4 is to extend Session.php.

  1. Create file application/libraries/Session/MY_Session.php

  2. Put the following into the file and modify for your logic of setting the $expiration variable. In my case I am pulling the value from a database. NOTE: If you have different expiration values per user type; there is a chance they could get garbage collected and expire unexpectedly due to different expirations with the same session. In this case I do NOT recommend this approach.

    <?php
    class MY_Session extends CI_Session 
    {
        public function __construct(array $params = array())
        {
            parent::__construct($params);
        }
    
        /**
         * Configuration
         *
         * Handle input parameters and configuration defaults
         *
         * @param   array   &$params    Input parameters
         * @return  void
         */
        protected function _configure(&$params)
        {
            $CI =& get_instance();
            $phppos_session_expiration = NULL;
    
            $CI->db->from('app_config');
            $CI->db->where("key", "phppos_session_expiration");
            $row = $CI->db->get()->row_array();
            if (!empty($row))
            {
                if (is_numeric($row['value']))
                {
                    $phppos_session_expiration = (int)$row['value'];
                }
            }
    
            $expiration = $phppos_session_expiration !== NULL ? $phppos_session_expiration : config_item('sess_expiration');
    
            if (isset($params['cookie_lifetime']))
            {
                $params['cookie_lifetime'] = (int) $params['cookie_lifetime'];
            }
            else
            {
                $params['cookie_lifetime'] = ( ! isset($expiration) && config_item('sess_expire_on_close'))
                    ? 0 : (int) $expiration;
            }
    
            isset($params['cookie_name']) OR $params['cookie_name'] = config_item('sess_cookie_name');
            if (empty($params['cookie_name']))
            {
                $params['cookie_name'] = ini_get('session.name');
            }
            else
            {
                ini_set('session.name', $params['cookie_name']);
            }
    
            isset($params['cookie_path']) OR $params['cookie_path'] = config_item('cookie_path');
            isset($params['cookie_domain']) OR $params['cookie_domain'] = config_item('cookie_domain');
            isset($params['cookie_secure']) OR $params['cookie_secure'] = (bool) config_item('cookie_secure');
    
            session_set_cookie_params(
                $params['cookie_lifetime'],
                $params['cookie_path'],
                $params['cookie_domain'],
                $params['cookie_secure'],
                TRUE // HttpOnly; Yes, this is intentional and not configurable for security reasons
            );
    
            if (empty($expiration))
            {
                $params['expiration'] = (int) ini_get('session.gc_maxlifetime');
            }
            else
            {
                $params['expiration'] = (int) $expiration;
                ini_set('session.gc_maxlifetime', $expiration);
            }
    
            $params['match_ip'] = (bool) (isset($params['match_ip']) ? $params['match_ip'] : config_item('sess_match_ip'));
    
            isset($params['save_path']) OR $params['save_path'] = config_item('sess_save_path');
    
            $this->_config = $params;
    
            // Security is king
            ini_set('session.use_trans_sid', 0);
            ini_set('session.use_strict_mode', 1);
            ini_set('session.use_cookies', 1);
            ini_set('session.use_only_cookies', 1);
            ini_set('session.hash_function', 1);
            ini_set('session.hash_bits_per_character', 4);
        }
    
    }
    

Dynamically set configuration on session expire doesn't work, For some reason the expire time is not set correct for cookie On my config.php session Sometimes the manual just SUCKS! Find · Reply. When a user logs in, set a session variable with the time of login. Create custom controller that contains a function in the constructor to check if the user is not admin user and if the timeout has expired. If it has, call $this->session->destroy(); Now, make all your controllers extend that controller instead of the CI base controller.

You can handle this with a custom controller. When a user logs in, set a session variable with the time of login. Create custom controller that contains a function in the constructor to check if the user is not admin user and if the timeout has expired. If it has, call $this->session->destroy(); Now, make all your controllers extend that controller instead of the CI base controller.

[Solved] Codeigniter not setting correct expire time for cookie, I read that EE/Codeigniter's default session timeout is 2 hours, but when I test my I checked my phpinfo() and it's set to the normal 1440, which I assume is own​, I added a bit of code to unset my session variable manually, which works just fine: (time() - $_SESSION['LAST_ACTIVITY'] > 1440)) { // last request was more​  The name used for the session cookie. sess_expiration: 7200 (2 hours) Time in seconds (integer) The number of seconds you would like the session to last. If you would like a non-expiring session (until browser is closed) set the value to zero: 0: sess_save_path: NULL: None: Specifies the storage location, depends on the driver being used. sess

Session will expire in 10 seconds

$config['sess_expiration']= 10;

Session will not expire

$config['sess_expiration']= 0;

What's the default session timeout?, CodeIgniter comes with a few session storage drivers, that you can see in the If you want to add session data one value at a time, set() also CodeIgniter also supports “tempdata”, or session data with a specific expiration time. of this by hand, you can use the session:migration command from the cli to  Simple way of PHP session expiry in 30 minutes. Note : if you want to change the time, just change the 30 with your desired time and do not change * 60: this will gives the minutes. In minutes : (30 * 60) In days : (n * 24 * 60 * 60 ) n = no of days.

Session Library, To initialize the Session class manually in your controller constructor, use the Tempdata¶. CodeIgniter also supports “tempdata”, or session data with a specific expiration time. If you would like a non-expiring session set the value to zero: 0. If you use PHP's default session handling, the only way to reliably change the session duration in all platforms is to change php.ini.That's because in some platforms, garbage collection is implemented through a script that runs every certain time (a cron script) that reads directly from php.ini, and therefore any attempts at changing it at run time, e.g. via ini_set(), are unreliable and most

How to check session expired when user is idle codeigniter, How can I set session expiration time dynamically in codeigniter?For example, if a user logs in and has the role of admin, the expiration time  In the right panel, double-click the Set time limit for active but idle Remote Desktop Services sessions policy: in the modal window that will appear, activate it by switching the radio button from Not configured to Enabled, then set the desired amount of time in the drop-down list right below.

How to store variable in session codeigniter, session_set_cookie_params — Set the session cookie parameters The session WILL expire after $lifetime seconds, no matter how many times the user  Well I would check to make sure that your server time is set correct, this can cause all kinds of session problems if the server time is not set correctly. InsiteFX El Forum

Comments
  • People keep upvoting this, but I think by reading the description this is not what the OP was asking for. He says "manually" which would be accomplished by this answer (a constant value in the config), but if you read what he's actually trying to do he means "dynamically" based on which user role is logged in. So setting the value in the config file will not help, because it will be the same value no matter the user role.
  • yeah, I agree. After figuring out this step he's going to ultimately want to set it dynamically to accomplish what he's really asking for. So that's why my answer earlier would really help his cause. Upvote that one for the foresight :).
  • @Juventus 18, yeah..that's what i mean
  • I find that setting sess_expiration doesn't prevent expiration of the session and my session data is stored in the database.
  • I have made an edit to the original post to make it more clear what the questioner is asking for.
  • How do you calculate '14400' as 4 hours?
  • @JuliverGalleto, 60 seconds * 60 minutes * 4 hours = 14400.
  • No, changing the session expiration time after it has already been initiated doesn't and won't work, I've tested this today.
  • When the code arrives to a custom controller the session has already started, so it won't work. It's probably needed to extend the Session file class.
  • @giovannipds You would need a session started to decide whether to destroy it, correct? cant decide on null/unknown data...
  • Where to put this file?
  • No, changing the session expiration time after it has already been initiated doesn't and won't work, I've tested this today.
  • it was working 4 years ago :D I will test and I will republish the answer again
  • No, changing the session expiration time after it has already been initiated doesn't and won't work, I've tested this today.
  • He's asking how to do that dynamically, not manually. He probably already know these config.php settings.