Jump to content

[resolved] Session Problem


Err
 Share

Recommended Posts

I'm using a session to login. However, it can do some very strange things. It will log me out even if I still have my session. This usually happens after I don't click on something for a period of time. I know it's not timing out because even after 3mins of being idle on any page, it will log me out. Sometimes it lasts longer and it's beginning to be a hassle.

$_SESSION['admin'] = $admin;

Edited by RahXephon
Link to comment
Share on other sites

Obvious questions out of the way: are you calling session_start() first thing on each page, and are you calling session_write_close() after setting session variables, but only once per script?

Link to comment
Share on other sites

It's not necessary to close the session on every page, that will happen automatically.

It will log me out even if I still have my session.
Is the session ending, or is the data changing so that your application doesn't know if you're logged in or not? Is this a problem with the session ending or are you changing the data in the session in a way that breaks your application?
Link to comment
Share on other sites

FWIW, session_write_close() is optional (implicitly called when script terminates) and only needed in some situations. But session_start() is a likely culprit.
I thought as much, but I've had problems when I didn't explicitly call it...I don't know why.
Link to comment
Share on other sites

I thought as much, but I've had problems when I didn't explicitly call it...I don't know why.
If you're using header() to redirect you need to use session_write_close() first, but the rest of the time there shouldn't be trouble.
Link to comment
Share on other sites

Ah, that'll do it. Thanks for the info.

Link to comment
Share on other sites

Obvious questions out of the way: are you calling session_start() first thing on each page, and are you calling session_write_close() after setting session variables, but only once per script?
I'm using session_start(); only once since I'm just including all pages into index.php by a url post (index.php?p=login). I'm not calling session_write_close() at all.I'm thinking it might have something to do how I'm including my pages, but there's no way of knowing for sure. Since my localhost copy of this project does not have this session problem.
  function get_include_contents($file) {	if (is_file($file)) {	  ob_start();	  include($file);	  $contents = ob_get_contents();	  ob_end_clean();	  return $contents;	}	return false;  }

Is the session ending, or is the data changing so that your application doesn't know if you're logged in or not? Is this a problem with the session ending or are you changing the data in the session in a way that breaks your application?
I don't think the session is ending since I always see the session cookie. I'm not changing the admin session at all. The only thing I'm doing with it is calling it with:
$admin = (isset($_SESSION['admin'])) ? $_SESSION['admin'] : "";

Also, in some include pages I'm checking for sessions with:

if (!isset($_SESSION['admin'])) { ... }

If you're using header() to redirect you need to use session_write_close() first, but the rest of the time there shouldn't be trouble.
That's usually only an issue if you start a new session and then redirect. If the session was already started before redirecting you shouldn't need to explicitly write it.
I'm calling header() right after I set my session without using session_write_close(). I just tried this out though, and I still continue to experience this logout.
Link to comment
Share on other sites

Check if register_globals is enabled on the server with the problem. If it's enabled, you'll probably want to disable it. With register_globals on, changes to $admin might also affect $_SESSION['admin'].
I just checked the server and it has register_globals = Off. Though I did notice something very interesting in the CP. They said when using sessions to use session_save_path(); I don't know if this will help my problem but I have tried adding it to the code. So far I haven't been logged out, but I will report back if this fails to fix it.
Link to comment
Share on other sites

So do you just call that on its own, after setting a session variable?

Link to comment
Share on other sites

I just mean how do you use session_save_path()?

Link to comment
Share on other sites

You can also set the path once, apparently, by using session.save-path():http://www.php.net/manual/en/session.confi...ssion.save-path

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...