By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
464,557 Members | 974 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 464,557 IT Pros & Developers. It's quick & easy.

Session problems

P: n/a
Hi there...

I've got a problem where a normal string variable loses its value after
session_start() is called. The funny thing is, that this only happens
for some people, and they are using IE6, but it does not happen with all
versions of IE6. I've tested myself only with Mozilla and IE5, but the
problem does not occur for me.

I've got a username stored in $user, which is obtained from the $_POST
variable, but after session_start() is called $user is empty, but the
username still is in $_POST['username'].

PHP version is 4.3.1 on Apache on a linux server.
Then another problem I have is being logged out from a session after a
certain length of inactivity it would seem. I've only noticed this on
a server which is running PHP 4.3.3/Apache 1.3.28/linux. It's about
after half an hour of inactivity that I get logged out. I've checked
the cookie and it is set to expire on session/browser exit. I haven't
noticed this behavior on my own server also running PHP 4.3.3. I also
checked the PHP session configuration and it's the same on both servers.

So, any ideas what could be causing this...?
Thanks for any help,
Daniel Bengs

Jul 17 '05 #1
Share this Question
Share on Google+
6 Replies

P: n/a
Daniel Bengs <a-****@non-existing-e-mail-adress.com> schrieb:
I've got a problem where a normal string variable loses its value after
session_start() is called. The funny thing is, that this only happens
for some people, and they are using IE6, but it does not happen with all
versions of IE6. I've tested myself only with Mozilla and IE5, but the
problem does not occur for me.
Very strange. PHP is running on the server, not on the browser.
I've got a username stored in $user, which is obtained from the $_POST
variable, but after session_start() is called $user is empty, but the
username still is in $_POST['username'].
This is one of the problems if register_globals is activated. Could you
check this?
Then another problem I have is being logged out from a session after a
certain length of inactivity it would seem. I've only noticed this on
a server which is running PHP 4.3.3/Apache 1.3.28/linux. It's about
after half an hour of inactivity that I get logged out. I've checked
the cookie and it is set to expire on session/browser exit. I haven't
noticed this behavior on my own server also running PHP 4.3.3. I also
checked the PHP session configuration and it's the same on both servers.


Sure? What's the value of session.gc_maxlifetime and
session.gc_probability = 1 in the php.ini?

Regards,
Matthias
Jul 17 '05 #2

P: n/a
Matthias Esken wrote:
Daniel Bengs <a-****@non-existing-e-mail-adress.com> schrieb:

I've got a problem where a normal string variable loses its value after
session_start() is called. The funny thing is, that this only happens
for some people, and they are using IE6, but it does not happen with all
versions of IE6. I've tested myself only with Mozilla and IE5, but the
problem does not occur for me.

Very strange. PHP is running on the server, not on the browser.

I've got a username stored in $user, which is obtained from the $_POST
variable, but after session_start() is called $user is empty, but the
username still is in $_POST['username'].

This is one of the problems if register_globals is activated. Could you
check this?


Yes, according to phpinfo() register globals is on.
Then another problem I have is being logged out from a session after a
certain length of inactivity it would seem. I've only noticed this on
a server which is running PHP 4.3.3/Apache 1.3.28/linux. It's about
after half an hour of inactivity that I get logged out. I've checked
the cookie and it is set to expire on session/browser exit. I haven't
noticed this behavior on my own server also running PHP 4.3.3. I also
checked the PHP session configuration and it's the same on both servers.

Sure? What's the value of session.gc_maxlifetime and
session.gc_probability = 1 in the php.ini?


session.gc_maxlifetime 1440
session.gc_probability 1

....according to phpinfo() at least...

Jul 17 '05 #3

P: n/a
Daniel Bengs wrote:
Matthias Esken wrote:
Daniel Bengs <a-****@non-existing-e-mail-adress.com> schrieb:

I've got a problem where a normal string variable loses its value
after session_start() is called. The funny thing is, that this only
happens for some people, and they are using IE6, but it does not
happen with all versions of IE6. I've tested myself only with Mozilla
and IE5, but the problem does not occur for me.


Very strange. PHP is running on the server, not on the browser.

I've got a username stored in $user, which is obtained from the $_POST
variable, but after session_start() is called $user is empty, but the
username still is in $_POST['username'].


This is one of the problems if register_globals is activated. Could you
check this?

Yes, according to phpinfo() register globals is on.


What's also common for the people in this case is that they are on an
internal network, not that I understand why that would make any
difference either... :)

And now I also noticed another funny thing. On one page where an
addition to a mysql database is made a field, which is the user who made
the addition, is empty for some persons, but not everyone who makes the
addition. The username value is retrieved with:

"((string) $_SESSION['username'])".

But when the username, on the same page, is written to a logfile, with
the same code above, it is not empty.

Jul 17 '05 #4

P: n/a
Daniel Bengs <a-****@non-existing-e-mail-adress.com> schrieb:
And now I also noticed another funny thing. On one page where an
addition to a mysql database is made a field, which is the user who made
the addition, is empty for some persons, but not everyone who makes the
addition. The username value is retrieved with:

"((string) $_SESSION['username'])".

But when the username, on the same page, is written to a logfile, with
the same code above, it is not empty.


Does the problem occur while displaying the data or storing the data in
the database.

In the second case, there might be some special chars like ' in the
username. Always use mysql_escape_string() for values that you want to
send to the MySQL server.

Regards,
Matthias
Jul 17 '05 #5

P: n/a
Daniel Bengs <a-****@non-existing-e-mail-adress.com> schrieb:
Matthias Esken wrote:
Sure? What's the value of session.gc_maxlifetime and
session.gc_probability = 1 in the php.ini?


session.gc_maxlifetime 1440
session.gc_probability 1


So the session is considered invalid after 1440 seconds of inactivity
which are 24 minutes. With a probability of 1% the session is killed
during a session initialization. If not, you can continue to use the
session. If a lot of requests hit the server, the probability that the
idling session is killed after 30 minutes is very high. If you're just
testing your code with one user, it might take longer. Increase
session.gc_maxlifetime if you need more time.

Regards,
Matthias
Jul 17 '05 #6

P: n/a
Matthias Esken <mu******************@usenetverwaltung.org> wrote in message news:<bn**********@usenet.esken.de>...
Daniel Bengs <a-****@non-existing-e-mail-adress.com> schrieb:
And now I also noticed another funny thing. On one page where an
addition to a mysql database is made a field, which is the user who made
the addition, is empty for some persons, but not everyone who makes the
addition. The username value is retrieved with:

"((string) $_SESSION['username'])".

But when the username, on the same page, is written to a logfile, with
the same code above, it is not empty.
Does the problem occur while displaying the data or storing the data in
the database.


Displaying it... anyway, it seems that it works better now when I
moved the session_start to the top of the code, but I still didn't
have any code that was outputting anything...
In the second case, there might be some special chars like ' in the
username. Always use mysql_escape_string() for values that you want to
send to the MySQL server.


None of the usernames have any special characters...
PS. My news server didn't get the last two posts (besides a whole lot
other posts it doesn't get) and therefore I haven't answered before
now. So I'm using Google groups now instead...
Jul 17 '05 #7

This discussion thread is closed

Replies have been disabled for this discussion.