session_save_path

(PHP 4, PHP 5)

session_save_pathLit et/ou modifie le chemin de sauvegarde des sessions

Description

string session_save_path ([ string $path ] )

session_save_path() retourne le chemin du dossier actuellement utilisé pour sauver les données de sessions.

Liste de paramètres

path

Chemin des données de session. Si path est spécifié, le chemin du dossier sera modifié. session_save_path() doit être appelé avant session_start().

Note:

Sur certains systèmes d'exploitation, vous aurez à choisir un chemin vers un dossier capable de gérer un grand nombre de petits fichiers efficacement. Par exemple, sous Linux, reiserfs peut se rendre plus efficace que ext2fs.

Valeurs de retour

Retourne le chemin du dossier courant utilisé pour y stocker les données.

Voir aussi

add a note add a note

User Contributed Notes 9 notes

up
6
mdibbets at outlook dot nospam
1 year ago
I made a folder next to the public html folder and placed these lines at the very first point in index.php

Location of session folder:

/domains/account/session

location of index.php

/domains/account/public_html/index.php

What I placed in index.php at line 0:

<?php
ini_set
('session.save_path',realpath(dirname($_SERVER['DOCUMENT_ROOT']) . '/../session'));
session_start();

This is the only solution that worked for me. Hope this helps someone.
up
5
alvaro at demogracia dot com
4 years ago
Debian does not use the default garbage collector for sessions. Instead, it sets session.gc_probability to zero and it runs a cron job to clean up old session data in the default directory.

As a result, if your site sets a custom location with session_save_path() you also need to set a value for session.gc_probability, e.g.:

<?php
session_save_path
('/home/example.com/sessions');
ini_set('session.gc_probability', 1);
?>

Otherwise, old files in '/home/example.com/sessions' will never get removed!
up
4
sampathperera at hotmail dot com - Sri Lanka
6 years ago
Session on clustered web servers !

We had problem in PHP session handling with 2 web server cluster. Problem was one servers session data was not available in other server.

So I made a simple configuration in both server php.ini file. Changed session.save_path default value to shared folder on both servers (/mnt/session/).

It works for me. :)
up
0
hi at chintan dot pw
1 month ago
To Change the session path to a sub folder of your projects

ini_set('session.save_path',getcwd(). '/tmp');

saves the session in "tmp" folder.
up
-2
Matthias H. (DE)
4 years ago
Under PHP for Windows, you can improve the speed, when you store all session-files on ramdisk. A freeware-ramdisk you can download by http://www.techsnack.net/gavotte-ramdisk-free-virtual-hardisk .

A other alternativ is store you session-datas to apc-user-cache (see php-apc-extension).
up
-3
branislav dot ristic at gmail dot com
4 years ago
After a lot of searches, tests and pain, the only one that worked for me was this:

session_save_path(realpath(dirname($_SERVER['DOCUMENT_ROOT']) . '/../session'));
up
-5
TK
4 years ago
After a search for the cause of a issue causing users to have to login twice, I've found a call to session_save_path() was the culprit.

What was happening was: the session save path was set, a session was opened, some variables were set and the session was closed.  This was resulting in an empty file in the specified session save path and of course no session data on the next page load.  Oddly, on the second attempt the data was saved as expected.

I found that removing the call to session_save_path() resolved the issue.  My final solution was to replace the call to session_save_path($path) with an equivalent call to ini_set('session.save_path', $path).
up
-5
a9504778 at unet dot univie dot ac dot at
13 years ago
dont forget: if you use session_save_path on the page, that registers a variable, you have also to use session_save_path on all the pages, where you access the session-variable. under win32 you can use the double \\ to specify eg "c:\\temp\\"
up
-7
webmaster at gardenchemicals dot co dot uk
10 years ago
This is an absolute must if you have an important login on a shared server. Without it, other users of the server can do the following to bypass login:

* Visit login page, browse through cookies and grab the session id.
* Create a PHP script on their account that grabs and sets session variables for a given session id.
* Read and change any values for that session id (for example passwords or session keys), and therefore gain access to the protected area.

All users on web hosting should choose an dir below the HTTP directory struct, but within their user area to store the session files.
To Top