Posted by Jochem Maas on 02/22/05 13:25

Brett Patterson wrote:
> Well, if you look in your phpinfo() file, you will see a SESSION_TIMEOUT or
> SESSION_LENGTH value that is something like 180000... different for each
> server.
>
> If you hold all your session values in the array, then you can use
> session_destory(); as long as session_start() is previous to that.

ie. you must have an active session for php to destroy it.

>
> I am under the impressions that both Sessions and Cookies are stored on the
> user end, but I may be wrong.

the contents of $_SESSION are stored on the server only (unless your doing something very convoluted
or wrong IMHO) when a session is started a cookie is also sent to the browser
(under certain conditions the session id will be passed via GET param instead - BTWWF),
the value of the cookie is the session id, which is used to recognise the browser
(when session_start() is called).

....

>
> What is also the default life span of a session object? and can this
> bechanged?

check your php config:

<? phpinfo();

you can set the lifetime in your script, more info here:
http://php.net/session


--
BTWWF - Browse The Web (With Firefox ;-)

[Back to original message]