#48063 [Bgs]: Spontaneously disappearing, cookie-based sessions
ID: 48063 Updated by: der...@php.net Reported By: myselfasunder at gmail dot com Status: Bogus Bug Type: Session related Operating System: Ubuntu PHP Version: 5.2.9 New Comment: There might be a cronjob removing sessions... Debian based systems do that. Previous Comments: [2009-04-24 21:20:38] myselfasunder at gmail dot com I've removed the session name setting and the cookie-parameters call: ini_set('session.use_only_cookies', '1'); ini_set('session.gc_maxlifetime', 86400 * 3); session_start(); if(isset($_SESSION['aa'])) print("Session already exists."); else print("Session DOES NOT exist."); $_SESSION['aa'] = true; However, even though the cookie lifetime is 0, the session still disappears. Thoughts/suggestions? Is this most likely a me-problem, or the extension? [2009-04-24 00:05:29] myselfasunder at gmail dot com This is just a project, at work, that I've been working on, and this is just all from the perspective of my local system... so, it's very unlikely that any other sessionized web-apps are running without me being able to think of them. I don't exactly know the format of the session file, but since it deals with serialized information and a predictable data-size, you can presumably put the lifetime information at the end of the file without interfering with backward compatibility..? [2009-04-23 21:59:15] scott...@php.net It's not that smart, it just looks through the session directory and kills anything that looks like a session file based on the last time the file was read and the currently lifetime value. If there are zero other scripts on the system then it should be fine, but I suspect there is one somewhere you are missing. Can you add this to the php.ini file and see if you can reproduce it? We could look to adding the session lifetime to the file but that would break backwards compatibility and you could accidentally set a session to 10 years from now and it would never get removed. [2009-04-23 21:24:24] myselfasunder at gmail dot com Even if this is the only script that executes on the system (a front-controller in the only application)? How about the fact that my session-name is 'COOKIE' in this test-script... Wouldn't only everything that uses a session-name of COOKIE interfere with each other, in this case? [2009-04-23 21:02:23] scott...@php.net You need to set it in the php.ini, if any other script uses sessions and doesn't set it to be the same value it will delete the sessions. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/48063 -- Edit this bug report at http://bugs.php.net/?id=48063&edit=1
#48063 [Bgs]: Spontaneously disappearing, cookie-based sessions
ID: 48063 User updated by: myselfasunder at gmail dot com Reported By: myselfasunder at gmail dot com Status: Bogus Bug Type: Session related Operating System: Ubuntu PHP Version: 5.2.9 New Comment: I've removed the session name setting and the cookie-parameters call: ini_set('session.use_only_cookies', '1'); ini_set('session.gc_maxlifetime', 86400 * 3); session_start(); if(isset($_SESSION['aa'])) print("Session already exists."); else print("Session DOES NOT exist."); $_SESSION['aa'] = true; However, even though the cookie lifetime is 0, the session still disappears. Thoughts/suggestions? Is this most likely a me-problem, or the extension? Previous Comments: [2009-04-24 00:05:29] myselfasunder at gmail dot com This is just a project, at work, that I've been working on, and this is just all from the perspective of my local system... so, it's very unlikely that any other sessionized web-apps are running without me being able to think of them. I don't exactly know the format of the session file, but since it deals with serialized information and a predictable data-size, you can presumably put the lifetime information at the end of the file without interfering with backward compatibility..? [2009-04-23 21:59:15] scott...@php.net It's not that smart, it just looks through the session directory and kills anything that looks like a session file based on the last time the file was read and the currently lifetime value. If there are zero other scripts on the system then it should be fine, but I suspect there is one somewhere you are missing. Can you add this to the php.ini file and see if you can reproduce it? We could look to adding the session lifetime to the file but that would break backwards compatibility and you could accidentally set a session to 10 years from now and it would never get removed. [2009-04-23 21:24:24] myselfasunder at gmail dot com Even if this is the only script that executes on the system (a front-controller in the only application)? How about the fact that my session-name is 'COOKIE' in this test-script... Wouldn't only everything that uses a session-name of COOKIE interfere with each other, in this case? [2009-04-23 21:02:23] scott...@php.net You need to set it in the php.ini, if any other script uses sessions and doesn't set it to be the same value it will delete the sessions. [2009-04-23 19:06:20] myselfasunder at gmail dot com "); else print("Session DOES NOT exist."); $_SESSION['aa'] = true; The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/48063 -- Edit this bug report at http://bugs.php.net/?id=48063&edit=1
#48063 [Bgs]: Spontaneously disappearing, cookie-based sessions
ID: 48063 User updated by: myselfasunder at gmail dot com Reported By: myselfasunder at gmail dot com Status: Bogus Bug Type: Session related Operating System: Ubuntu PHP Version: 5.2.9 New Comment: This is just a project, at work, that I've been working on, and this is just all from the perspective of my local system... so, it's very unlikely that any other sessionized web-apps are running without me being able to think of them. I don't exactly know the format of the session file, but since it deals with serialized information and a predictable data-size, you can presumably put the lifetime information at the end of the file without interfering with backward compatibility..? Previous Comments: [2009-04-23 21:59:15] scott...@php.net It's not that smart, it just looks through the session directory and kills anything that looks like a session file based on the last time the file was read and the currently lifetime value. If there are zero other scripts on the system then it should be fine, but I suspect there is one somewhere you are missing. Can you add this to the php.ini file and see if you can reproduce it? We could look to adding the session lifetime to the file but that would break backwards compatibility and you could accidentally set a session to 10 years from now and it would never get removed. [2009-04-23 21:24:24] myselfasunder at gmail dot com Even if this is the only script that executes on the system (a front-controller in the only application)? How about the fact that my session-name is 'COOKIE' in this test-script... Wouldn't only everything that uses a session-name of COOKIE interfere with each other, in this case? [2009-04-23 21:02:23] scott...@php.net You need to set it in the php.ini, if any other script uses sessions and doesn't set it to be the same value it will delete the sessions. [2009-04-23 19:06:20] myselfasunder at gmail dot com "); else print("Session DOES NOT exist."); $_SESSION['aa'] = true; [2009-04-23 17:33:38] j...@php.net Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with , is max. 10-20 lines long and does not require any external resources such as databases, etc. If the script requires a database to demonstrate the issue, please make sure it creates all necessary tables, stored procedures etc. Please avoid embedding huge scripts into the report. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/48063 -- Edit this bug report at http://bugs.php.net/?id=48063&edit=1
#48063 [Bgs]: Spontaneously disappearing, cookie-based sessions
ID: 48063 Updated by: scott...@php.net Reported By: myselfasunder at gmail dot com Status: Bogus Bug Type: Session related Operating System: Ubuntu PHP Version: 5.2.9 New Comment: It's not that smart, it just looks through the session directory and kills anything that looks like a session file based on the last time the file was read and the currently lifetime value. If there are zero other scripts on the system then it should be fine, but I suspect there is one somewhere you are missing. Can you add this to the php.ini file and see if you can reproduce it? We could look to adding the session lifetime to the file but that would break backwards compatibility and you could accidentally set a session to 10 years from now and it would never get removed. Previous Comments: [2009-04-23 21:24:24] myselfasunder at gmail dot com Even if this is the only script that executes on the system (a front-controller in the only application)? How about the fact that my session-name is 'COOKIE' in this test-script... Wouldn't only everything that uses a session-name of COOKIE interfere with each other, in this case? [2009-04-23 21:02:23] scott...@php.net You need to set it in the php.ini, if any other script uses sessions and doesn't set it to be the same value it will delete the sessions. [2009-04-23 19:06:20] myselfasunder at gmail dot com "); else print("Session DOES NOT exist."); $_SESSION['aa'] = true; [2009-04-23 17:33:38] j...@php.net Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with , is max. 10-20 lines long and does not require any external resources such as databases, etc. If the script requires a database to demonstrate the issue, please make sure it creates all necessary tables, stored procedures etc. Please avoid embedding huge scripts into the report. [2009-04-23 16:51:26] myselfasunder at gmail dot com Description: I have set the following: session_name('GOLDENCOLLECTION'); session_set_cookie_params(86400 * 3); ini_set('session.use_only_cookies', '1'); ini_set('session.gc_maxlifetime', 86400 * 3); I can load the same page many times successfully. However, if I wait a while, around twenty minutes, the session's members are no longer available. This is the first time I've used cookies to carry the SID (instead of putting them in the URL). I have administrative control of the system. Reproduce code: --- session_start(); Expected result: The session should be started and all preexisting members should be available. They -does- happen, but until only around twenty or thirty minutes have elapsed, and then they'll be gone. Actual result: -- They'll disappear without me doing anything. -- Edit this bug report at http://bugs.php.net/?id=48063&edit=1
#48063 [Bgs]: Spontaneously disappearing, cookie-based sessions
ID: 48063 User updated by: myselfasunder at gmail dot com Reported By: myselfasunder at gmail dot com Status: Bogus Bug Type: Session related Operating System: Ubuntu PHP Version: 5.2.9 New Comment: Even if this is the only script that executes on the system (a front-controller in the only application)? How about the fact that my session-name is 'COOKIE' in this test-script... Wouldn't only everything that uses a session-name of COOKIE interfere with each other, in this case? Previous Comments: [2009-04-23 21:02:23] scott...@php.net You need to set it in the php.ini, if any other script uses sessions and doesn't set it to be the same value it will delete the sessions. [2009-04-23 19:06:20] myselfasunder at gmail dot com "); else print("Session DOES NOT exist."); $_SESSION['aa'] = true; [2009-04-23 17:33:38] j...@php.net Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with , is max. 10-20 lines long and does not require any external resources such as databases, etc. If the script requires a database to demonstrate the issue, please make sure it creates all necessary tables, stored procedures etc. Please avoid embedding huge scripts into the report. [2009-04-23 16:51:26] myselfasunder at gmail dot com Description: I have set the following: session_name('GOLDENCOLLECTION'); session_set_cookie_params(86400 * 3); ini_set('session.use_only_cookies', '1'); ini_set('session.gc_maxlifetime', 86400 * 3); I can load the same page many times successfully. However, if I wait a while, around twenty minutes, the session's members are no longer available. This is the first time I've used cookies to carry the SID (instead of putting them in the URL). I have administrative control of the system. Reproduce code: --- session_start(); Expected result: The session should be started and all preexisting members should be available. They -does- happen, but until only around twenty or thirty minutes have elapsed, and then they'll be gone. Actual result: -- They'll disappear without me doing anything. -- Edit this bug report at http://bugs.php.net/?id=48063&edit=1