我正在尝试更改默认会话超时值。在我的控制器中,我这样做了:
public function beforeAction($action) {
$session = new CHttpSession;
$timeout = $session->getTimeout();
if ($timeout != 10) {
$session->setTimeout(10);
}
return true;
}
但是我的会话永远不会超时,即使在不活动 10 秒后我也可以访问该页面。
我还尝试通过会话组件的配置来做到这一点,如下所示:
'session' => array(
'sessionName' => SITE_SESSION_COOKIE_NAME,
'class' => 'CHttpSession',
'timeout' => 10
),
但同样的结果。会话剂量超时!我错过了什么吗?
class数组中的显然session应该是CDbHttpSession为了这个工作。有关类似问题,请参见此处。
尝试在配置中关闭自动启动会话:
'session' => array( 'sessionName' => SITE_SESSION_COOKIE_NAME, 'class' => 'CHttpSession', 'autoStart' => false ),
在这种情况下,您需要手动启动 session: Yii::app()->session->open(),但在更改生命周期之前尝试执行以下操作:
Yii::app()->session->open($session_lifetime); $cook_p = Yii::app()->session->getCookieParams(); $cook_p['lifetime'] = $session_lifetime; Yii::app()->session->setCookieParams($cook_p);
或者您可以使用新参数继承 CHttpSessionlifetime并在方法中执行init():
class MyHttpSession extends CHttpSession{ public $lifetime = false; public function init() { if($this->lifetime !== false){ $cook_p = $this->getCookieParams(); $cook_p['lifetime'] = $this->lifetime; $this->setCookieParams($cook_p); $this->setTimeout($this->lifetime); } parent::init(); }}
并在配置中:
'session' => array( 'sessionName' => SITE_SESSION_COOKIE_NAME, 'class' => 'MyHttpSession', 'lifetime' => 60 // 1 minute ),
基于用户处于非活动状态 30 分钟的会话超时,在配置中:
'components'=>array(
'user'=>array(
// enable cookie-based authentication
'allowAutoLogin'=> true,
'autoRenewCookie'=> true,
'authTimeout' => 1800
),
'session' => array(
'class' => 'FrontCHttpSession',
'savePath' => dirname(__FILE__),
'cookieMode' => 'allow',
'cookieParams' => array(
'path' => '/',
'domain' => 'mydomain.com',
'httpOnly' => true,
'lifetime' => 1800
),
'timeout' => 1800
),
扩展的 session 类,类似的思路可以用于 CDbHttpSession
<?php
class FrontCHttpSession extends CHttpSession
{
/*default is 0 which means the cookie lifetime will last as long as the browser is open*/
private $_clientLifetime;
/*time in seconds how long the session should remain open after user in-activity*/
private $_sessionTimeout;
/*cookie params defined in config*/
private $_cookieParams;
/**
* Starts the session if it has not started yet.
*/
public function open()
{
$this->_cookieParams = $this->getCookieParams();
$this->_clientLifetime = $this->_cookieParams['lifetime'];
$this->_sessionTimeout = $this->timeout;
if($this->getUseCustomStorage())
@session_set_save_handler(array($this,'openSession'),
array($this,'closeSession'),
array($this,'readSession'),
array($this,'writeSession'),
array($this,'destroySession'),
array($this,'gcSession'));
//session is already started, check if session has been not been active longer than timeout
if (session_id() != '')
{
if ($this->get('last_active') < time() - $this->_sessionTimeout)
{
$this->destroy();
}
else if ($this->_clientLifetime > 0)
{
$this->updateSessionCookieExpire();
}
}
@session_set_cookie_params($this->_clientLifetime, array($this->_cookieParams['path'],
$this->_cookieParams['domain'], $this->_cookieParams['secure'], $this->_cookieParams['httpOnly']));
@session_start();
$this->add('last_active', time());
if(YII_DEBUG && session_id()=='')
{
$message=Yii::t('yii','Failed to start session.');
if(function_exists('error_get_last'))
{
$error=error_get_last();
if(isset($error['message']))
$message=$error['message'];
}
Yii::log($message, CLogger::LEVEL_WARNING, 'system.web.CHttpSession');
}
}
public function updateSessionCookieExpire()
{
if (isset(Yii::app()->request->cookies[$this->getSessionName()]))
{
$c = Yii::app()->request->cookies[$this->getSessionName()];
$c->expire = time() + $this->_clientLifetime;
$c->path = $this->_cookieParams['path'];
$c->domain = $this->_cookieParams['domain'];
$c->httpOnly = $this->_cookieParams['httponly'];
$c->secure = $this->_cookieParams['secure'];
Yii::app()->request->cookies[$this->getSessionName()] = $c;
}
}
}