#48063 [Bgs]: Spontaneously disappearing, cookie-based sessions
ID: 48063
Updated by: der...@php.net
Reported By: myselfasunder at gmail dot com
Status: Bogus
Bug Type: Session related
Operating System: Ubuntu
PHP Version: 5.2.9
New Comment:
There might be a cronjob removing sessions... Debian based systems do
that.
Previous Comments:
[2009-04-24 21:20:38] myselfasunder at gmail dot com
I've removed the session name setting and the cookie-parameters call:
ini_set('session.use_only_cookies', '1');
ini_set('session.gc_maxlifetime', 86400 * 3);
session_start();
if(isset($_SESSION['aa']))
print(Session already exists.br);
else
print(Session DOES NOT exist.br);
$_SESSION['aa'] = true;
However, even though the cookie lifetime is 0, the session still
disappears. Thoughts/suggestions?
Is this most likely a me-problem, or the extension?
[2009-04-24 00:05:29] myselfasunder at gmail dot com
This is just a project, at work, that I've been working on, and this is
just all from the perspective of my local system... so, it's very
unlikely that any other sessionized web-apps are running without me
being able to think of them.
I don't exactly know the format of the session file, but since it deals
with serialized information and a predictable data-size, you can
presumably put the lifetime information at the end of the file without
interfering with backward compatibility..?
[2009-04-23 21:59:15] scott...@php.net
It's not that smart, it just looks through the session directory and
kills anything that looks like a session file based on the last time the
file was read and the currently lifetime value.
If there are zero other scripts on the system then it should be fine,
but I suspect there is one somewhere you are missing. Can you add this
to the php.ini file and see if you can reproduce it?
We could look to adding the session lifetime to the file but that would
break backwards compatibility and you could accidentally set a session
to 10 years from now and it would never get removed.
[2009-04-23 21:24:24] myselfasunder at gmail dot com
Even if this is the only script that executes on the system (a
front-controller in the only application)?
How about the fact that my session-name is 'COOKIE' in this
test-script... Wouldn't only everything that uses a session-name of
COOKIE interfere with each other, in this case?
[2009-04-23 21:02:23] scott...@php.net
You need to set it in the php.ini, if any other script uses sessions
and doesn't set it to be the same value it will delete the sessions.
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/48063
--
Edit this bug report at http://bugs.php.net/?id=48063edit=1
#48063 [Bgs]: Spontaneously disappearing, cookie-based sessions
ID: 48063
User updated by: myselfasunder at gmail dot com
Reported By: myselfasunder at gmail dot com
Status: Bogus
Bug Type: Session related
Operating System: Ubuntu
PHP Version: 5.2.9
New Comment:
I've removed the session name setting and the cookie-parameters call:
ini_set('session.use_only_cookies', '1');
ini_set('session.gc_maxlifetime', 86400 * 3);
session_start();
if(isset($_SESSION['aa']))
print(Session already exists.br);
else
print(Session DOES NOT exist.br);
$_SESSION['aa'] = true;
However, even though the cookie lifetime is 0, the session still
disappears. Thoughts/suggestions?
Is this most likely a me-problem, or the extension?
Previous Comments:
[2009-04-24 00:05:29] myselfasunder at gmail dot com
This is just a project, at work, that I've been working on, and this is
just all from the perspective of my local system... so, it's very
unlikely that any other sessionized web-apps are running without me
being able to think of them.
I don't exactly know the format of the session file, but since it deals
with serialized information and a predictable data-size, you can
presumably put the lifetime information at the end of the file without
interfering with backward compatibility..?
[2009-04-23 21:59:15] scott...@php.net
It's not that smart, it just looks through the session directory and
kills anything that looks like a session file based on the last time the
file was read and the currently lifetime value.
If there are zero other scripts on the system then it should be fine,
but I suspect there is one somewhere you are missing. Can you add this
to the php.ini file and see if you can reproduce it?
We could look to adding the session lifetime to the file but that would
break backwards compatibility and you could accidentally set a session
to 10 years from now and it would never get removed.
[2009-04-23 21:24:24] myselfasunder at gmail dot com
Even if this is the only script that executes on the system (a
front-controller in the only application)?
How about the fact that my session-name is 'COOKIE' in this
test-script... Wouldn't only everything that uses a session-name of
COOKIE interfere with each other, in this case?
[2009-04-23 21:02:23] scott...@php.net
You need to set it in the php.ini, if any other script uses sessions
and doesn't set it to be the same value it will delete the sessions.
[2009-04-23 19:06:20] myselfasunder at gmail dot com
?php
session_name('COOKIE');
session_set_cookie_params(86400 * 3);
ini_set('session.use_only_cookies', '1');
ini_set('session.gc_maxlifetime', 86400 * 3);
session_start();
if(isset($_SESSION['aa']))
print(Session already exists.br);
else
print(Session DOES NOT exist.br);
$_SESSION['aa'] = true;
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/48063
--
Edit this bug report at http://bugs.php.net/?id=48063edit=1
#48063 [Bgs]: Spontaneously disappearing, cookie-based sessions
ID: 48063
User updated by: myselfasunder at gmail dot com
Reported By: myselfasunder at gmail dot com
Status: Bogus
Bug Type: Session related
Operating System: Ubuntu
PHP Version: 5.2.9
New Comment:
Even if this is the only script that executes on the system (a
front-controller in the only application)?
How about the fact that my session-name is 'COOKIE' in this
test-script... Wouldn't only everything that uses a session-name of
COOKIE interfere with each other, in this case?
Previous Comments:
[2009-04-23 21:02:23] scott...@php.net
You need to set it in the php.ini, if any other script uses sessions
and doesn't set it to be the same value it will delete the sessions.
[2009-04-23 19:06:20] myselfasunder at gmail dot com
?php
session_name('COOKIE');
session_set_cookie_params(86400 * 3);
ini_set('session.use_only_cookies', '1');
ini_set('session.gc_maxlifetime', 86400 * 3);
session_start();
if(isset($_SESSION['aa']))
print(Session already exists.br);
else
print(Session DOES NOT exist.br);
$_SESSION['aa'] = true;
[2009-04-23 17:33:38] j...@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with ?php and ends with ?,
is max. 10-20 lines long and does not require any external
resources such as databases, etc. If the script requires a
database to demonstrate the issue, please make sure it creates
all necessary tables, stored procedures etc.
Please avoid embedding huge scripts into the report.
[2009-04-23 16:51:26] myselfasunder at gmail dot com
Description:
I have set the following:
session_name('GOLDENCOLLECTION');
session_set_cookie_params(86400 * 3);
ini_set('session.use_only_cookies', '1');
ini_set('session.gc_maxlifetime', 86400 * 3);
I can load the same page many times successfully. However, if I wait a
while, around twenty minutes, the session's members are no longer
available.
This is the first time I've used cookies to carry the SID (instead of
putting them in the URL).
I have administrative control of the system.
Reproduce code:
---
session_start();
Expected result:
The session should be started and all preexisting members should be
available. They -does- happen, but until only around twenty or thirty
minutes have elapsed, and then they'll be gone.
Actual result:
--
They'll disappear without me doing anything.
--
Edit this bug report at http://bugs.php.net/?id=48063edit=1
#48063 [Bgs]: Spontaneously disappearing, cookie-based sessions
ID: 48063
Updated by: scott...@php.net
Reported By: myselfasunder at gmail dot com
Status: Bogus
Bug Type: Session related
Operating System: Ubuntu
PHP Version: 5.2.9
New Comment:
It's not that smart, it just looks through the session directory and
kills anything that looks like a session file based on the last time the
file was read and the currently lifetime value.
If there are zero other scripts on the system then it should be fine,
but I suspect there is one somewhere you are missing. Can you add this
to the php.ini file and see if you can reproduce it?
We could look to adding the session lifetime to the file but that would
break backwards compatibility and you could accidentally set a session
to 10 years from now and it would never get removed.
Previous Comments:
[2009-04-23 21:24:24] myselfasunder at gmail dot com
Even if this is the only script that executes on the system (a
front-controller in the only application)?
How about the fact that my session-name is 'COOKIE' in this
test-script... Wouldn't only everything that uses a session-name of
COOKIE interfere with each other, in this case?
[2009-04-23 21:02:23] scott...@php.net
You need to set it in the php.ini, if any other script uses sessions
and doesn't set it to be the same value it will delete the sessions.
[2009-04-23 19:06:20] myselfasunder at gmail dot com
?php
session_name('COOKIE');
session_set_cookie_params(86400 * 3);
ini_set('session.use_only_cookies', '1');
ini_set('session.gc_maxlifetime', 86400 * 3);
session_start();
if(isset($_SESSION['aa']))
print(Session already exists.br);
else
print(Session DOES NOT exist.br);
$_SESSION['aa'] = true;
[2009-04-23 17:33:38] j...@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with ?php and ends with ?,
is max. 10-20 lines long and does not require any external
resources such as databases, etc. If the script requires a
database to demonstrate the issue, please make sure it creates
all necessary tables, stored procedures etc.
Please avoid embedding huge scripts into the report.
[2009-04-23 16:51:26] myselfasunder at gmail dot com
Description:
I have set the following:
session_name('GOLDENCOLLECTION');
session_set_cookie_params(86400 * 3);
ini_set('session.use_only_cookies', '1');
ini_set('session.gc_maxlifetime', 86400 * 3);
I can load the same page many times successfully. However, if I wait a
while, around twenty minutes, the session's members are no longer
available.
This is the first time I've used cookies to carry the SID (instead of
putting them in the URL).
I have administrative control of the system.
Reproduce code:
---
session_start();
Expected result:
The session should be started and all preexisting members should be
available. They -does- happen, but until only around twenty or thirty
minutes have elapsed, and then they'll be gone.
Actual result:
--
They'll disappear without me doing anything.
--
Edit this bug report at http://bugs.php.net/?id=48063edit=1
#48063 [Bgs]: Spontaneously disappearing, cookie-based sessions
ID: 48063
User updated by: myselfasunder at gmail dot com
Reported By: myselfasunder at gmail dot com
Status: Bogus
Bug Type: Session related
Operating System: Ubuntu
PHP Version: 5.2.9
New Comment:
This is just a project, at work, that I've been working on, and this is
just all from the perspective of my local system... so, it's very
unlikely that any other sessionized web-apps are running without me
being able to think of them.
I don't exactly know the format of the session file, but since it deals
with serialized information and a predictable data-size, you can
presumably put the lifetime information at the end of the file without
interfering with backward compatibility..?
Previous Comments:
[2009-04-23 21:59:15] scott...@php.net
It's not that smart, it just looks through the session directory and
kills anything that looks like a session file based on the last time the
file was read and the currently lifetime value.
If there are zero other scripts on the system then it should be fine,
but I suspect there is one somewhere you are missing. Can you add this
to the php.ini file and see if you can reproduce it?
We could look to adding the session lifetime to the file but that would
break backwards compatibility and you could accidentally set a session
to 10 years from now and it would never get removed.
[2009-04-23 21:24:24] myselfasunder at gmail dot com
Even if this is the only script that executes on the system (a
front-controller in the only application)?
How about the fact that my session-name is 'COOKIE' in this
test-script... Wouldn't only everything that uses a session-name of
COOKIE interfere with each other, in this case?
[2009-04-23 21:02:23] scott...@php.net
You need to set it in the php.ini, if any other script uses sessions
and doesn't set it to be the same value it will delete the sessions.
[2009-04-23 19:06:20] myselfasunder at gmail dot com
?php
session_name('COOKIE');
session_set_cookie_params(86400 * 3);
ini_set('session.use_only_cookies', '1');
ini_set('session.gc_maxlifetime', 86400 * 3);
session_start();
if(isset($_SESSION['aa']))
print(Session already exists.br);
else
print(Session DOES NOT exist.br);
$_SESSION['aa'] = true;
[2009-04-23 17:33:38] j...@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with ?php and ends with ?,
is max. 10-20 lines long and does not require any external
resources such as databases, etc. If the script requires a
database to demonstrate the issue, please make sure it creates
all necessary tables, stored procedures etc.
Please avoid embedding huge scripts into the report.
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/48063
--
Edit this bug report at http://bugs.php.net/?id=48063edit=1
