How to keep session alive without reloading page?

Question

I have a strange problem in my online test management system.

Some users in the test form (test.php) need long time to answer the question and submit the form.

After submitting the form the session is expired and user must login again

this is not a code problem

I set this value in top of all pages

ini_set('session.gc_maxlifetime', 18000); 

Is there a way to refresh the session evrey 10 minutes without reloading the page in test form to prevent session expire?

Please help me

Thanks

Answer 1

You can use javascript XHR, or as others call it, AJAX.

• http://api.jquery.com/jQuery.ajax/
• http://api.jquery.com/jQuery.get/

Using ajax you can call a php script that refreshes your session every 10 minutes. :)

---

This is as far as i can go to "exact".

javascript

var refreshSn = function () {     var time = 600000; // 10 mins     setTimeout(         function ()         {         $.ajax({            url: 'refresh_session.php',            cache: false,            complete: function () {refreshSn();}         });     },     time ); };  // Call in page refreshSn() 

refresh_session.php

<?php session_start();  // store session data if (isset($_SESSION['id'])) $_SESSION['id'] = $_SESSION['id']; // or if you have any algo. ?> 

---

Anyway, another solution would be to extend the session time for the test page only using the solution presented here

How do I expire a PHP session after 30 minutes?

Answer 2

All you need is this (uses jQuery for the $.post):

JavaScript (put this inside your onload-function or something)

setInterval(function(){   $.post('path/to/refresh_session.php'); },600000); //refreshes the session every 10 minutes 

refresh_session.php

<?php   session_start();    // if you have more session-vars that are needed for login, also check    // if they are set and refresh them as well   if (isset($_SESSION['token'])) {      $_SESSION['token'] = $_SESSION['token'];   } ?> 

The biggest change is in the JavaScript--you don't need a whole function, just one line.

---

EXTRA INFO

Although I think it's enough to just call session_start() in the php, if I read this right (http://nl3.php.net/function.session-start):

The read callback will retrieve any existing session data (stored in a special serialized format) and will be unserialized and used to automatically populate the $_SESSION superglobal when the read callback returns the saved session data back to PHP session handling.

And during testing I only put the above code on my visitor page, and not on the admin page. But I had both pages open in the same browser (Chrome), and the admin page stayed logged in as well, at least for over an hour (didn't check any longer). BUT, I don't know if it still works if you only use session_start(), without manually refreshing any session-var at all..

Either way, I like to be sure that the session-vars I need are really still there:)