session getting expired

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
susrisha
Forum Contributor
Posts: 439
Joined: Thu Aug 07, 2008 11:43 pm
Location: Hyderabad India

session getting expired

Post by susrisha »

Hi,

I have a file uploading form which uploads the data.

Code: Select all

 
//this is at the start of the page to know if the user is logged in or not
//check for session integrity
if(!isset($_SESSION))
{
session_start();
}
//see if the user is authenticated
if($_SESSION['authenticate']!="1")
{
//redirect to session expire page
 
//this is the form i put in the page
<form action ="uploadvideo.php"  method ="post" enctype="multipart/form-data" onsubmit = " return validate_form();">
 Upload form to be embedded here.
 <br />
 <input  type="file" id= "uploadvideo" name="video" />
 <input type ="submit" value ="UPLOAD" onclick="show_upload();" />
 
in the upload processing page i have this code

Code: Select all

 
//check for session integrity
if(!isset($_SESSION))
{
session_start();
echo "Session was not set";
}
//see if the user is authenticated
if($_SESSION['authenticate']!="1")
{
     session_regenerate_id();
     session_destroy();
     include_once("template_start.php");
     echo '<FONT COLOR="#FF0000 "><center>
<b>Unauthorized login.. Please Login again</b>
     </center></FONT>';
     include_once("loginbody.php");
     include_once("template_end.php");
 
    exit();
}
include_once("template_start.php");
include_once("utilities.php");
include_once("vars.php");
$loginID = $_SESSION['LoginID'];
//create a unique file name
$unique_filename = generate_random_string(16,$loginID);
//get the original file base name to be stored in database as videoname
$videoname = basename($_FILES['video']['name']);//to be stored in mysql
//check for the file size and send back if not proper
if($_FILES['video']['size']>$g_file_size_limit)
{
  echo "File size is more than 12MB cannot upload file<br />";
  echo "<a href=\"videolist.php\">BACK</a>";
  include_once("template_end.php");
  exit();
}
echo "size of the file is ".$_FILES['video']['size'];
//have to move the uploaded file to temp folder for conversion
$temp_path =$g_temp_files_folder.$videoname;
//move the uploaded file to the location
if(!move_uploaded_file($_FILES['video']['tmp_name'],$temp_path))
{
  echo "file could not be moved <br />";
  echo "<a href=\"videolist.php\">BACK</a>";
  include_once("template_end.php");
  exit();
}
 
Now the problem is each time i try to upload a file it shows the session has expired. The settings for session in the ini file are as follows

Code: Select all

 
session.auto_start  Off 
session.bug_compat_42     On    
session.bug_compat_warn On  
session.cache_expire    180 
session.cache_limiter   nocache 
session.cookie_domain   no value    
session.cookie_httponly Off 
session.cookie_lifetime 0   
session.cookie_path /   
session.cookie_secure   Off 
session.entropy_file    no value    
session.entropy_length  0   
session.gc_divisor  100 100
session.gc_maxlifetime  1440    
session.gc_probability  1   
session.hash_bits_per_character 4   
session.hash_function   0   
session.name    PHPSESSID   
session.referer_check   no value    
session.save_handler    files   
session.save_path   no value    
session.serialize_handler   php 
session.use_cookies On
session.use_only_cookies    Off 
session.use_trans_sid   0   
 
Thought its a time out problem but cant figure out where.. please help
Paul Arnold
Forum Contributor
Posts: 141
Joined: Fri Jun 13, 2008 10:09 am
Location: Newcastle Upon Tyne

Re: session getting expired

Post by Paul Arnold »

Where are you setting $_SESSION['authenticate'] to 1?
User avatar
susrisha
Forum Contributor
Posts: 439
Joined: Thu Aug 07, 2008 11:43 pm
Location: Hyderabad India

Re: session getting expired

Post by susrisha »

I am setting it in a page authenticate.php which will be setting it when the user logs into the solution.

Code: Select all

 
 
//this is what i wrote for the authentication after the user logging is passed.
 
$_SESSION['authenticate']="1";
 
To add more.. I have left the page untouched for about 3 minutes and after that, tried to link to something else, even then the session fails. i think the timeout is set to 3 minutes. How do i change this?
Paul Arnold
Forum Contributor
Posts: 141
Joined: Fri Jun 13, 2008 10:09 am
Location: Newcastle Upon Tyne

Re: session getting expired

Post by Paul Arnold »

Hmm... this shouldn't be affecting it as '0' sets session lifetimes to indefinite but you could try setting;

session.cookie_lifetime 0

to

session.cookie_lifetime 1800

in your php.ini file to force the session lifetime to 30 minutes.
User avatar
The_Anomaly
Forum Contributor
Posts: 196
Joined: Fri Aug 08, 2008 4:56 pm
Location: Tirana, Albania

Re: session getting expired

Post by The_Anomaly »

Why do you have all of this session weirdness? Regenerate ID and then destroy? Just have session_start() in every page, no conditionals, no nothing. Then every page check if your session variable authenticated is 1, if not, then send yourself to the login page, which sets it to be 1, if valid authentication.

Your session handling is way overcomplicated, when there's no need for it to be. From http://php.net/session_start:
session_start() creates a session or resumes the current one based on the current session id that's being passed via a request, such as GET, POST, or a cookie.
Not sure if it'll fix your problem, but it'll certainly uncomplicate things a bit.
User avatar
susrisha
Forum Contributor
Posts: 439
Joined: Thu Aug 07, 2008 11:43 pm
Location: Hyderabad India

Re: session getting expired

Post by susrisha »

well thats all the part of the code when the user is not authenticated. Will uncomplicate it later. but i think i have solved it with a work around.

just for this page, i am trying to send everything in post and set the authenticate to 1 (of course only if i get the variables i need on a post). its a raw work around.

session.cookie_lifetime 1800
i have also tried this one.. no results yet
Post Reply