Lost session problem

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
mvijfwinkel
Forum Newbie
Posts: 3
Joined: Sat Aug 23, 2008 6:19 am

Lost session problem

Post by mvijfwinkel »

Hello everybody!

I'm banging my head against this for a long while now, so it's time to throw it in the group (if only to share the pain :wink: ).

I have a website which is basically an image gallery. For some users (less than 1%) the session is not remembered when a new window is opened, which leads to the login being lost.

I'm passing the session data in the url with PHPSESSID=, but Apaches error log is full of the following errors (also for my own IP).

Code: Select all

PHP Warning:  Unknown: The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0, referer: http://server1.cgtextures.com/texview.p ... b63127aeed
PHP Warning:  Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in Unknown on line 0, referer: http://server1.cgtextures.com/texview.p ... b63127aeed
As you can see the session doesn't seem to contain any illegal characters, is there another reason why it would log such an error?
Even though the error logs state that the session data cannot be written, they are still sucessfully written in /var/lib/php/session, with the correct data in the file.

I get the session data with: $session_propagator = '&PHPSESSID=' . session_id(); and simple glue it to the end of the URL in the link. (I have tried getting the session name as well, in case the browser has a custom session name, but this doesn't solve the problem).
User avatar
jaoudestudios
DevNet Resident
Posts: 1483
Joined: Wed Jun 18, 2008 8:32 am
Location: Surrey

Re: Lost session problem

Post by jaoudestudios »

Why do you send it through the url?

use session_start(); and you can do it all behind the scenes.
mvijfwinkel
Forum Newbie
Posts: 3
Joined: Sat Aug 23, 2008 6:19 am

Re: Lost session problem

Post by mvijfwinkel »

I'm also using session_start(), but this is not a reliable method when images are opened in a new window. If I wouldn't pass it with the URL also an even bigger percentage of the user would loose its login.
User avatar
jaoudestudios
DevNet Resident
Posts: 1483
Joined: Wed Jun 18, 2008 8:32 am
Location: Surrey

Re: Lost session problem

Post by jaoudestudios »

I do not pass it through the url and have never had a problem with users loosing login or popups. Though try to use popups as little as possible as people have these blocked. If you want to show an enlarged image use JS lightbox, it has the same effect (actually better) but it wont be considered a popup by the browser.

You must have session_start on every page! Otherwise it will be lost.
mvijfwinkel
Forum Newbie
Posts: 3
Joined: Sat Aug 23, 2008 6:19 am

Re: Lost session problem

Post by mvijfwinkel »

The problem has been solved, I had a iframe in my page which picked up the session in an incorrect manner. (I totally forgot about this IFrame, and the referrer in the error log was not giving the correct address!)

Thanks for the help!
Post Reply