View Single Post
Old 2017-02-02, 20:19   #1194
Madpoo
Serpentine Vermin Jar
 
Madpoo's Avatar
 
Jul 2014

327710 Posts
Default

Quote:
Originally Posted by Mark Rose View Post
Yeah, in php.ini, set session.auto_start to 0 (which is the default). You'll have to modify the PHP code to detect if a session cookie is present and at that point call session_start appropriately.
I'll have to test that.

For now, I found the part about using "N;<path>" to set the session path, where N is the # of subdirectory levels. I set it to 1 for now and moved all existing files (had to stop the web server temporarily while moving them).

I also modified my custom cleanup task (the PHP garbage collector never seemed to run) to not only clean out stuff older than the expiration, but also to nuke any zero-byte sessions. That'll tide me over until I can see how to keep sessions from being created until/unless there's a login.

One final change was to modify the cookie expiration to 30 days instead of 7.

I learned a lot of PHP cookies and sessions.
Madpoo is offline   Reply With Quote