session_gc

(PHP 7 >= 7.1.0, PHP 8)

session_gc — Perform session data garbage collection

说明

session_gc(): int|false

session_gc() is used to perform session data GC (garbage collection). PHP does probability based session GC by default.

Probability based GC works somewhat but it has few problems. 1) Low traffic sites' session data may not be deleted within the preferred duration. 2) High traffic sites' GC may be too frequent GC. 3) GC is performed on the user's request and the user will experience a GC delay.

Therefore, it is recommended to execute GC periodically for production systems using, e.g., "cron" for UNIX-like systems. Make sure to disable probability based GC by setting session.gc_probability to 0.

参数

此函数没有参数。

返回值

session_gc() returns number of deleted session data for success, false for failure.

Old save handlers do not return number of deleted session data, but only success/failure flag. If this is the case, number of deleted session data became 1 regardless of actually deleted data.

示例

示例 #1 session_gc() example for task managers like cron

<?php
// Note: This script should be executed by the same user of web server process.

// Need active session to initialize session data storage access.
session_start();

// Executes GC immediately
session_gc();

// Clean up session ID created by session_gc()
session_destroy();
?>

示例 #2 session_gc() example for user accessible script

<?php
// Note: session_gc() is recommended to be used by task manager script, but
// it may be used as follows.

// Used for last GC time check
$gc_time = '/tmp/php_session_last_gc';
$gc_period = 1800;

session_start();
// Execute GC only when GC period elapsed. 
// i.e. Calling session_gc() every request is waste of resources. 
if (file_exists($gc_time)) {
    if (filemtime($gc_time) < time() - $gc_period) {
        session_gc();
        touch($gc_time);
    }
} else {
    touch($gc_time);
}
?>

参见

session_start() - 启动新会话或者重用现有会话
session_destroy() - 销毁一个会话中的全部数据
session.gc_probability

改进此页面

了解如何改进此页面 • 提交拉取请求 • 报告一个错误

＋添加备注

用户贡献的备注 1 note

down

ridaelkouri at gmail dot com ¶

10 days ago

The session.gc() function does not seem to work alone. it deletes the data on the server but the data remains on the browser in the form of the cookie. the following code deletes the session files on the server but not on the browser. 

ini_set('session.gc_maxlifetime', 10);
ini_set('session.gc_probability', 1);
ini_set('session.gc_divisor', 1);

// Start the session
session_start();
$_SESSION['test'] = 'temporary data';

session_write_close();

// Wait for 15 seconds to ensure the session expires
sleep(15);

// Manually start the session again to trigger session handling
session_start();

session_gc();

// Check if the session data is still available
if (isset($_SESSION['test'])) {
    echo "Session is still active.";
} else {
    echo "Session expired and file deleted.";
}

but this code delete the session files on the server and also deletes the cookie as well as making the super global empty:

session_start();
$_SESSION['test'] = 'temporary data';

session_write_close();

// Wait for 15 seconds to ensure the session expires
sleep(15);

session_start();

// Manually trigger garbage collection
setcookie(session_name(), '', time() - 10);
$_SESSION = [];
session_gc();

// Check if the session data is still available
if (isset($_SESSION['test'])) {
    echo "Session is still active.";
} else {
    echo "Session expired and file deleted.";
}