img-67-96x96

CakePHP Session Timeout or Change Session Length in CakePHP

Hello Friends, This is my first post on this blog. Basically i am web developer having 2 plus year of experience in PHP,Ajax, jQuery, HTML, CakePHP, WordPress, Joomla and Expression Engine. I already have one blog which is related to Hacking and Technology. I am daily working on PHP and getting so many problems I started this blog to just express all things which are giving problems to developers when they are doing coding.

Today i am explaining about session timeout. When we develop any application which using sessions for login and other logic, then by default CakePHP automatically logged out user or automatically destroy all sessions because of High security.If  Security Level is High then session timeout is low. So by default CakePHP is giving Security Level High. It means in CakePHP Security Level and Session Timeout both are relative to each other. So if you want to change Security Level and Session Timeout in CakePHP then follow steps shown below :

1. Open core.php file exists in “cakePHP/app/config/” or exists in your app/config folder.

2. Find “Security.level”  and “Session.timeout“(without quotes) in core.php.

3. Now you will see “Security.level” is by default set to “High“.

4. Now below i am explaining you what is meaning of “Security.level” set to “High” and also how it is related to Session.timeout“.

CakePHP counts  “Session.timeout” Regarding to  “Security.level“,means for example if you set “Security.level” to “medium” then cakePHP will multiply a figure (100 for medium, fix for all security level) to “Session.timeout“. Means if you set “Security.level” to “medium” and “Session.timeout” to 50 , So session timeout will be 100(for medium security level) x 50 (session timeout) = 5000 seconds.

Below is the ntable for “Session.timeout” according to “Security.level“.

‘high’          –                  Session timeout in ‘Session.timeout’ x 10
‘medium’  –                 Session timeout in ‘Session.timeout’ x 100
‘low’            –                  Session timeout in ‘Session.timeout’ x 300

So if “Security.level” is high then it will multiply “Session.timeout” with 10.

if “Security.level” is medium then it will multiply “Session.timeout” with 100.

if “Security.level” is low then it will multiply “Session.timeout” with 300.

So if you want to change session timeout or increase session timeout for cakePHP application then you must have change “Security.level” and “Session.timeout” variables in core.php.

If you like my posts then please comment it.

  • Robert

    Nice.
    But what elae does medium security change beside session timeout?

  • http://whatinthai.com pTucky

    Great!! Thanks for ur explaination.

    Any impact or security change for changing security level to “medium” ?

  • http://dash.za.net Dash

    You didn't really mention anything other than what is in core.php, if I wanted to know all this, I would've just read the file!

    Post some sample settings or something, even that would've been more helpful than this!

  • newbie

    how can i delete data from database if time expires?

  • Test

    Nice post………Its very useful..

Subscribe to PHP Freelancer

Enter your email address: