[PHP] Re: sessions terminating randomly please help

[David Chamberlin]

It's possible you're being afflicted with the same problem I am.  See 
the message just one or two above this about "Sessions problem".  What I 
found in my debugging is that it had to do with how I was 
mix-and-matching the way I specified links.

Short version of the problem is that http://mysite.org/ has one session 
and http://www.mysite.org/ has another.  In my code, I sometimes have 
the links as <a href="/<page>"> and sometimes it's explicit, as <a 
href="http://www.mysite.org/";>.  So if a user went to the site as 
http://mysite.org - the pages that used the explicit www.mysite.org 
would fail.

So if there's anything in your pages/links that may change how the link 
is referred, you may be have different sessions occuring.

I would imagine it should be pretty easy for you to debug whether or not 
this is the problem.  Have each of your pages echo out the current 
session id (echo 'session is '.session_id().'<br>';) and see if it 
changes at any point, and especially on the pages that fail.

-Dave

Freaky Deaky wrote:
hi 

i am experiencing a major problem with sessions expiring randomly in some of my 
apps. i will log in and start clicking around and then i will eventually 
arrive at a page that tells me that i'm not logged in anymore. this happens 
apparently randomly. i have seen it on ie6, ie for mac, netscape 4.7 for pc, 
and mozilla 

the apps are hosted on 

freebsd 4.7-release p2 
apache 1.3.27 
php version 4.2.3 
compiled with --enable-trans-sid 

i can't go into production if there's the possibility that users will be 
randomly logged off. i went through all of my code over the weekend, and i 
don't think i can attribute this to a miscoding: 

when a user logs in, i create a session with 

session_start(); 
$valid_user=$_POST['username']; 
session_register("valid_user"); 

i have the following code at the top of each page to check to see if the session 
is valid: 

session_start(); 
$valid_user=$_SESSION['valid_user']; 
global $valid_user; 
if (session_is_registered("valid_user") 
{...function to spit out an error message if the session is not valid...;} 

i have a logout page that destroys the session 

session_start(); 
session_destroy(); 

i also have a javascript timer in the header of every page that redirects to the 
logout page if the user has been inactive for 20 minutes. 

i have played around with session.gc_probability, setting it to 100, but that 
doesn't seem to have fixed the problem. 

this is a huge problem. 
if anyone can give some advice, i'd really appreciate it. 

thanks



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php