Session expiring too early...

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
MicahCarrick
Forum Newbie
Posts: 23
Joined: Sat Apr 09, 2005 5:40 pm

Session expiring too early...

Post by MicahCarrick »

I have a cart written using SESSION variables. All session settings are default and therefore cache expire is at 180. However, I keep finding that the session ID is still the same, but all the variables have been destroyed after just 60 minutes. There is some header() functions but I have a call to session_write_close(); before redirecting. I can't figure out why this is happening. Any ideas?

Micah
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

The session id on the client will not expire until the browser it closed or your site destroys it. The session data on the server may be destroyed at almost any time, depending on the server and settings...
User avatar
Buddha443556
Forum Regular
Posts: 873
Joined: Fri Mar 19, 2004 1:51 pm

Post by Buddha443556 »

Shared server? Move your sessions from /tmp to your own folder. Shared hosts will purge sessions from /tmp regularly.

session.save_path
MicahCarrick
Forum Newbie
Posts: 23
Joined: Sat Apr 09, 2005 5:40 pm

Post by MicahCarrick »

It's not a shared server, however, I do have more information....

This code I'm working on was written initially by another programmer. It's a shopping cart that is put into every page on the site via an include statement. The previous programmer has the following to prevent caching so that the changes in the cart are updated visually:

Code: Select all

// Date in the past
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
// always modified
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
// HTTP/1.1
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
// HTTP/1.0
header("Pragma: no-cache");
.. which I did some reading up and tried this instead:

Code: Select all

header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: must-revalidate");
session_cache_limiter("must-revalidate");
.. however, session cache is still deleted after 60 minutes. I'm not too savy on headers... any more advice?

- Micah
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

what are all the exact values from the session.* settings in php.ini? (you can find them through a phpinfo() or looking through ini_get_all()
MicahCarrick
Forum Newbie
Posts: 23
Joined: Sat Apr 09, 2005 5:40 pm

Post by MicahCarrick »

Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path /tmp /tmp
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid Off Off
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

it looks like there's an automated cleanup of the /tmp folder being run, as Buddha443556 theorized...
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Post by n00b Saibot »

I have implemented a error catching framework which uses Sessions to maintain and pass around information/errors. The problem was that if an error was caught just before sending header() redirect. It would not appear on the next page. Is it so because I haven't used session_write_close() :?: :?
MicahCarrick
Forum Newbie
Posts: 23
Joined: Sat Apr 09, 2005 5:40 pm

Post by MicahCarrick »

Well, it was the cache path. Changed it from tmp and it's working now. I wish I hadn't dismissed that possibility so early on. Thank you all very much!
Post Reply