My session bug, incredible, must read!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
chrys
Forum Contributor
Posts: 118
Joined: Tue Oct 04, 2005 9:41 am
Location: West Roxbury, MA (Boston)

My session bug, incredible, must read!

Post by chrys »

As some of you may have noticed I have posted a few issues with sessions. I have finally found out what the problem is.

The current platform is as such:
Firefox
PHP

I have a PHP site that people use strictly with Firefox.

It took me forever to debug this, but here is the conclusion I came to:
When Firefox has stored more than 70 cookies for a domain, it starts to read selectively, and only reads 70 of them. The cookies that are selectively chosen are the ones after the 70 mark. I don't know if this is an issue related to Firefox storage, or to PHP readage. I am leaning towards Firefox, because Javascript also has the same issues reading the cookies past 70.

Has anyone heard anything bout this? Anyone have their input?

Thank you, but after months of suffering, I have finally figured this bug out. I am going to drink to that (that's how mystifyingly stressful it was)
User avatar
chrys
Forum Contributor
Posts: 118
Joined: Tue Oct 04, 2005 9:41 am
Location: West Roxbury, MA (Boston)

Post by chrys »

I just tested it in IE, it appears the thresh hold is even lower in IE, about 20?
nincha
Forum Contributor
Posts: 191
Joined: Fri Mar 28, 2003 12:30 pm
Location: CA, USA

Post by nincha »

is this true? i thought cookies are capped based on menory usage.
User avatar
chrys
Forum Contributor
Posts: 118
Joined: Tue Oct 04, 2005 9:41 am
Location: West Roxbury, MA (Boston)

Post by chrys »

nincha wrote:is this true? i thought cookies are capped based on menory usage.
This may be possible since each of my cookies are generally the same size. It is restricted by domain. Anyone else know anything?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

the HTTP standard dictated that clients who accept cookies only should store 4 per domain with a maximum of 4K of data in each. It's still up to the browser companies to choose how far they'll store, so Firefox allowing more than that is of their own choosing. I think you need to rethink how cookies are used on your site.
nincha
Forum Contributor
Posts: 191
Joined: Fri Mar 28, 2003 12:30 pm
Location: CA, USA

Post by nincha »

what about sessions??
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Sessions have, often, less in size limitations, however they often take up a cookie on their own. For file based sessions there's the server's clean-up routine that may bite you, so if you do use them, go with a database version. I try to pack all data used across the entire domain into a single session. I don't like how, at least right now, phpBB uses two to three cookies by itself. Hopefully I can fix that in the fork I'm working on.
User avatar
neophyte
DevNet Resident
Posts: 1537
Joined: Tue Jan 20, 2004 4:58 pm
Location: Minnesota

Post by neophyte »

70 Cookies? Whoa!

Got milk?

:D
User avatar
neophyte
DevNet Resident
Posts: 1537
Joined: Tue Jan 20, 2004 4:58 pm
Location: Minnesota

Post by neophyte »

feyd wrote: I don't like how, at least right now, phpBB uses two to three cookies by itself. Hopefully I can fix that in the fork I'm working on.
phpBB Fork? Are you going to publish it?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Yes, it will be open sourced.
User avatar
chrys
Forum Contributor
Posts: 118
Joined: Tue Oct 04, 2005 9:41 am
Location: West Roxbury, MA (Boston)

Post by chrys »

PHP Sessions just store one cookie with the session ID.


I will indeed have to rethink cookies in the future. For now my solutions is that the cookies I set expire after 10 minutes, since they're not needed for longer than that. The problem was those cookies would pile up. Eventually the PHPSESSID was getting pushed out of the range so people would be getting logged out and couldn't log back in, I finally figured out why!
User avatar
neophyte
DevNet Resident
Posts: 1537
Joined: Tue Jan 20, 2004 4:58 pm
Location: Minnesota

Post by neophyte »

Congratulations!
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

feyd wrote:Hopefully I can fix that in the fork I'm working on.
A solo effort? I feel so left out. Here I thought I was gonna help. ;)
User avatar
chrys
Forum Contributor
Posts: 118
Joined: Tue Oct 04, 2005 9:41 am
Location: West Roxbury, MA (Boston)

Post by chrys »

neophyte wrote:Congratulations!
Beer will be had.
Post Reply