Hi folks,
I've got a question about sessions in PHP. I'm a *gulp* ASP coder, so
please bear with me.
I developed a PHP site a few months back that has a password protected
entry into a secure section. I'm using session variables to ensure
that track if a visitor has already logged in, and should therefore be
allowed to view a given page.
This week there was a problem with the site not having access to the
MySQL database the site uses. The hosting company sent me this message
as an explanation for the problem:
"the culprit seems to be the way that you are handing sessions on the
GPR_intro.php page. The sessions are not being terminated in a timely
manner which is causing a back log of processes on the MySQL service
and is causing it to fail. The best course of action would be to
terminate your sessions at a set interval rather then letting them time
out on their own."
Huh??? Isn't that how sessions are supposed to work? You set session
variables, and they will timeout in a set period of time. That's how
it works in ASP. That's how it works in ColdFusion. Is that not the
case in PHP?
It sounds to me like a bogus answer, so I'd like some "expert"
opinions.
Thanks in advance for your help!
- Bryan
5  1741 
*** br***@chameleon-systems.com wrote/escribió (13 Jan 2005 08:46:31
-0800): Huh??? Isn't that how sessions are supposed to work? You set session
variables, and they will timeout in a set period of time. That's how
it works in ASP. That's how it works in ColdFusion. Is that not the
case in PHP?
I suppose you use the built-in session handler, don't you? Write a script
with <? phpinfo() ?> as its only content and find the "session" table.
Check the session.save_ha ndler directive. Is the server configured to store
sessions in a MySQL database?
As about zombie MySQL processes, MySQL connections are closed when the
script ends. The only exception are persistent connections (unless PHP is
configured not to allow them). Keeping a session open just means the data
will be stored for more time, which should not be an issue for any database
engine.
--
-- Álvaro G. Vicario - Burgos, Spain
-- Thank you for not e-mailing me your questions
-- br***@chameleon-systems.com wrote:
<snip> This week there was a problem with the site not having access to the
MySQL database the site uses. The hosting company sent me this
message as an explanation for the problem:
"the culprit seems to be the way that you are handing sessions on the
GPR_intro.php page. The sessions are not being terminated in a timely
manner which is causing a back log of processes on the MySQL service
and is causing it to fail. The best course of action would be to
terminate your sessions at a set interval rather then letting them
time out on their own."
Hmm... I don't think, your setup is complex to handle custom DB
based session handler. Perhaps there might be some issue with
persistent connection as someone suggested.
But, I also have the opinion that they wrongly mean session file
locking which can be fixed with proper usage of
<http://in2.php.net/session_write_c lose>
Huh??? Isn't that how sessions are supposed to work? You set
session variables, and they will timeout in a set period of time.
That's configurable (session.gc_max lifetime). Looking at the manual
might be of more help <http://in2.php.net/session>
--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/
Álvaro,
Thanks for the response. I ran the phpinfo command like you suggested,
and here's what I got:
Directive Local Value Master Value
session.save_ha ndler files files
That seems to indicate to me that MySQL isn't involved in the equation
at all, right?
Bryan
Alvaro G Vicario wrote: *** br***@chameleon-systems.com wrote/escribió (13 Jan 2005 08:46:31
-0800): Huh??? Isn't that how sessions are supposed to work? You set
session variables, and they will timeout in a set period of time. That's
how it works in ASP. That's how it works in ColdFusion. Is that not
the case in PHP?
I suppose you use the built-in session handler, don't you? Write a
script with <? phpinfo() ?> as its only content and find the "session"
table. Check the session.save_ha ndler directive. Is the server configured to
store sessions in a MySQL database?
As about zombie MySQL processes, MySQL connections are closed when
the script ends. The only exception are persistent connections (unless
PHP is configured not to allow them). Keeping a session open just means the
data will be stored for more time, which should not be an issue for any
database engine.
--
-- Álvaro G. Vicario - Burgos, Spain
-- Thank you for not e-mailing me your questions
--
*** br***@chameleon-systems.com wrote/escribió (13 Jan 2005 12:53:08
-0800): Directive Local Value Master Value
session.save_ha ndler files files
That seems to indicate to me that MySQL isn't involved in the equation
at all, right?
Certainly: it's using the default handler, that's it, session data is
stored into files.
In any case, check GPR_intro.php in case there's actually something wrong
with your code.
--
-- Álvaro G. Vicario - Burgos, Spain
-- Thank you for not e-mailing me your questions
--
Thanks for the help, Álvaro. It just didn't seem to make sense to me
that the sessions would affect the database. The memory, or file space
on the web server I could understand, but not he database.
I'll double check my code just to be sure, but it's pretty straight
forward. When a person logs in, I do a session_start() at the top of
the page, then $_SESSION["userid"] = $sUserID further down in the code.
On the protected pages, I also do a session_start() , then I do a
isset($_SESSION["userid"]) check to see if the person is logged in or
not.
That's all there is to it.
Bryan
Alvaro G Vicario wrote:
Certainly: it's using the default handler, that's it, session data is
stored into files.
In any case, check GPR_intro.php in case there's actually something
wrong with your code.
--
-- Álvaro G. Vicario - Burgos, Spain
-- Thank you for not e-mailing me your questions
--
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: jing_li |
last post by:
Hi, you all,
I am a newbee for php and I need your help. One of my coworker and I
are both developing a webpage for our project using php. We have a
copy of the same files in different location on the server (in our own
accounts on the same machine). When I am testing both versions of our
program using the same browser (IE on Windows or Konqueror on Linux)
the session variables will mix up and only the latest selection or
options will...
|
by: Gleep |
last post by:
Hey PHP Gurus,
I have some complex scripts that work fine. I have a system where sessions are validated on every
page of my application to keep them secure. Everything runs fine when I test and code things. But I
am also fanatical about updating the browser for security patches and remove all spyware, virues
etc.. But some of my clients are not that savy and that leads me to my first question.
Occasionally I have a client complain that...
|
by: Rob |
last post by:
I have an ASP.NET application that uses forms-based
authentication. A user wishes to be able to run multiple
sessions of this application simultaneously from the
user's client machine.
The web.config file is configured as such:
<authentication mode="Forms">
<forms loginUrl="Login.aspx" protection="All"
name="myApplication"/>
</authentication>
|
by: Miguel |
last post by:
Hi all friends:
It's said that Sessions objects in ASP 3.0 with IIS 5.0 occupy certain memory of the machine which take to take care about use a lot of Sessions objects in the ASPs pages of the applications.
So my question is about how recommendable is to use a lot of Sessions objects in ASP.Net I want to use in my application 30 of this objects. Im gonna use them for give permissions to the users of the application.
Regards.
|
by: Edgardo Sepulveda |
last post by:
Hi, one question, is there a limit on the numbers of sessions that a
client can have? i dont know why but suddently, as i handle a lot of the
user information with sessions, and also have added a lot of new
features,, my users are telling me that they are getting session timeout
page, that i have for when it happens, but, why now? is there a way that i
can count the number of sessions of a client?
Thanks for your help, BTW, im using a...
| | |
by: Daniel Walzenbach |
last post by:
Hi,
I have a web application which sometimes throws an “out of memoryâ€
exception. To get an idea what happens I traced some values using performance
monitor and got the following values (for one day):
\\FFDS24\ASP.NET Applications(_LM_W3SVC_1_Root_ATV2004)\Errors During
Execution: 7
\\FFDS24\ASP.NET Apps v1.1.4322(_LM_W3SVC_1_Root_ATV2004)\Compilations
|
by: Simon Dean |
last post by:
And while Im at it... should I be using PHP's built in sessions, or use
my own functions that I've chobbled together from various sources and
takes advantage of also validating IP Addresses???
I don't like to use things just because they're there. Im currently
rewriting a web front end to a helpdesk. The old one was written in ASP
and very very poorly structured and programmed. Im blazing in with PHP
and unfortunately SQL Server and I've...
|
by: Evan Nelson |
last post by:
We are running our website on 3 W2K servers using classic ASP and IIS 5.0.
Because the servers are load balanced we don't use the ASP Session object
instead we store session type information to the database. Since we don't
use them, we do not enable Sessions in IIS
We recently purchased a 3rd party application that stores some security
information into the Session object. Since the the package is storing and
retrieving from the session...
|
by: magic_hat60622 |
last post by:
Hi all. I've got an app that dumps a user id into a session after
successful login. the login page is http://www.mydomain.com/login.php.
If the user visits pages on my site without the www (i.e.,
http://mydomain.com/foo.php), the session works fine and login state is
maintained.
If he visits http://www.mydomain.com/foo.php, the app drops the
logged-in state.
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
| | |
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
