i'm having a problem with my session check.
The first time i log in i call the php login script in which i call session_start(), check with the DB if username and password are correct and in this case store $_SESSION["username"] and $_SESSION["id"] variables and retireve $id variable that is session_id();
Then i'm on the homepage of my app (that i want to protect if no session is opened), so in onRestart method of this home activity i call the checkLogin() function that runs the CheckLogin php script in which i call session_start(), $id=session_id() and check if(isset($_SESSION["username"]) and isset($_SESSION["id"]) and $_SESSION["id"]==$id). In this case i retrieve echo 'logged' else 'error'
I saw that in my php.ini (using mysite/phpinfo.php) session.gc_maxlifetime is set to 1440 seconds but my CheckLogin script says that i'm still connected even if 8 hours passed. When i first login i save the session_id() in my sharedPreferences and then i pass this id in the checklogin request as Cookie paramether in this way
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setReadTimeout(15000);
conn.setConnectTimeout(15000);
conn.setUseCaches(true);
conn.setRequestMethod("POST");
conn.setDoInput(true);
conn.setDoOutput(true);
conn.setRequestProperty("Cookie","PHPSESSID="+id);
Please can anyone explain me why $_SESSION variables are still there 8 hours of inactivity later even if in php.ini maxlifetime is set to 1440?
Thank you in advance.
