473,320 Members | 1,817 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

$_SESSION problem - page reload creates new Session ID

Hello,

I am having trouble using the session vars in
PHP 4.3.9
OS: Win XP Prof
Web Server IIS (is local and there are no links to other servers from
the web pages I work on)
Browser: IE 6.0

The problem I am having is that each time I reload the same PHP page, I get
a different
Session ID (and thus all session vars are lost from one page to another).

let's say in firstpage.php I set
$_SESSION["firstvar"] = "someval";
$_SESSION["secvar"] = "otherval";

and in secpage.php I try to retrieve $_SESSION["firstvar"] , it gives me
"Undefined Index error"
I did not know what is happening and when printing out the session id (echo
SID;) I found out
that the ID is changing every time page is reloaded or when moving to
another page.

The problem is that I don't know what might reset the session since I use
"session_auto_start"
and have not played with session_start, session_destroy or anything else.

Can someone give me a hint on what might cause this ?

Thanks

Settings taken from PHP_INFO:
================================================== ========
Session Support enabled
Registered save handlers files user

Directive Local Value Master Value
session.auto_start On On
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path D:\PHP\SessionData D:\PHP\SessionData
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid Off Off

Jul 17 '05 #1
13 23240
Mimi wrote:
Hello,

I am having trouble using the session vars in
PHP 4.3.9
OS: Win XP Prof
Web Server IIS (is local and there are no links to other servers from
the web pages I work on)
Browser: IE 6.0

The problem I am having is that each time I reload the same PHP page, I
get a different
Session ID (and thus all session vars are lost from one page to another).

let's say in firstpage.php I set
$_SESSION["firstvar"] = "someval";
$_SESSION["secvar"] = "otherval";

and in secpage.php I try to retrieve $_SESSION["firstvar"] , it gives me
"Undefined Index error"
I did not know what is happening and when printing out the session id
(echo SID;) I found out
that the ID is changing every time page is reloaded or when moving to
another page.

The problem is that I don't know what might reset the session since I use
"session_auto_start"
and have not played with session_start, session_destroy or anything else.

Can someone give me a hint on what might cause this ?

Thanks

Settings taken from PHP_INFO:
================================================== ========
Session Support enabled
Registered save handlers files user

Directive Local Value Master Value
session.auto_start On On
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path D:\PHP\SessionData D:\PHP\SessionData
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid Off Off


Looks good to me.
Are you maybe jumping to another domain too when you say you jump to another
page?
Cookies are invisible when the domain changes (or even path in the same
domain in some cases)

http://www.domain1.com/somephp.php <- sets cookie with PHPSESSIONID

http://www.domain2.com/somephp.php <- invisible here

I am unsure if that is the case of course.

A great way to debug theese kind of problems is by simply investigating the
cookies set on your browser.
(Use Firefox or Mozilla for a userfriendly cookieviewer under tools)

Regards,
Erwin Moller
Jul 17 '05 #2
Mimi wrote:
The problem I am having is that each time I reload the same PHP page, I get
a different
Session ID (and thus all session vars are lost from one page to another).
<snip>
Can someone give me a hint on what might cause this ?


Did you start the session both for the firstpage.php and secpage.php?

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!
Jul 17 '05 #3
Pedro Graca wrote:
Mimi wrote:
The problem I am having is that each time I reload the same PHP page, I
get a different
Session ID (and thus all session vars are lost from one page to another).
<snip>
Can someone give me a hint on what might cause this ?


Did you start the session both for the firstpage.php and secpage.php?


Mimi wrote:
The problem is that I don't know what might reset the session since I use
"session_auto_start"


So that shouldn't be a problem.

Regards,
Erwin Moller
Jul 17 '05 #4
Mimi wrote (edited):
Can someone give me a hint on what might [make session not work] ? Settings taken from PHP_INFO: <snip> session.save_path D:\PHP\SessionData D:\PHP\SessionData


Are you sure PHP can write files here?

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!
Jul 17 '05 #5
Hello,

Thanks for all your input. Because there were several replies,
I will answer all of them here:

1) Yes, PHP can write in the "session_save_path" folder and I can see
there are 120 session files for the day and this is a local machine
where I am the only one to have access to.

2) The files I am trying to access are part of the same domain

3) Because I use "session_auto_start" in php.ini I am not required
to use "session_start()" on php pages; So the answer is NO, I am not using
this function

Because the cause of the problem has not been identified, I am still
asking for your support.

Thanks
"Pedro Graca" <he****@dodgeit.com> wrote in message
news:sl*******************@ID-203069.user.uni-berlin.de...
Mimi wrote (edited):
Can someone give me a hint on what might [make session not work] ?

Settings taken from PHP_INFO:

<snip>
session.save_path D:\PHP\SessionData D:\PHP\SessionData


Are you sure PHP can write files here?

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!


Jul 17 '05 #6
Mimi wrote:
Because the cause of the problem has not been identified, I am still
asking for your support.


Do you have cookies enabled in your browser?
Verify that and also try passing the session id in the url:

---- firstpage.php ----
echo '<a href="secpage.php?', SID, '">second page</a>';
--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!
Jul 17 '05 #7
Hello,

Yes, cookies and all the othe stuff are enabled on my browser (internet
options -> internet security).
And Yes, I use SID to display the session ID on my pages.

Since I am able to see the sessions created in "SessionData" folder and I
can see that the session vars
are there and set when the application is started. This page is displayed
properly.

The problem occurs when I click to go to another page and in this case at
"page load" a new session
is created which does not contain the session vars I set in the default
page.
A new session ID is created and therefore a new file can be found on the
"SessionData" folder.

The code I have in those pages is complex but I do not use any functions
that can trigger the app to
create a new session and that's why I do not understand what might cause
this behavior.

Is anybody aware, besides "session_start()", of a known function or event
that may trigger
this problem ?

I understand that when cookies are not enabled this might happen but since
they can be set, something else
might happen.

Thank You again.

"Pedro Graca" <he****@dodgeit.com> wrote in message
news:sl*******************@ID-203069.user.uni-berlin.de...
Mimi wrote:
Because the cause of the problem has not been identified, I am still
asking for your support.


Do you have cookies enabled in your browser?
Verify that and also try passing the session id in the url:

---- firstpage.php ----
echo '<a href="secpage.php?', SID, '">second page</a>';
--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!


Jul 17 '05 #8
Hello,

There is one thing I forgot to mention:

On my application I am using FRAMES, and I noticed one strange thing:

If I place the "include (SomeSessionVars.php)" in the default FRAMESET page
(not in the Frame),
the session vars are not set. I have to include my file in the default page
of one of the
available frames. And only then the vars are set.
The files I talked about are in fact in the same directory ?!

"Mimi" <mi**@coco.com> wrote in message
news:X1*************@fe39.usenetserver.com...
Hello,

Yes, cookies and all the othe stuff are enabled on my browser (internet
options -> internet security).
And Yes, I use SID to display the session ID on my pages.

Since I am able to see the sessions created in "SessionData" folder and I
can see that the session vars
are there and set when the application is started. This page is displayed
properly.

The problem occurs when I click to go to another page and in this case at
"page load" a new session
is created which does not contain the session vars I set in the default
page.
A new session ID is created and therefore a new file can be found on the
"SessionData" folder.

The code I have in those pages is complex but I do not use any functions
that can trigger the app to
create a new session and that's why I do not understand what might cause
this behavior.

Is anybody aware, besides "session_start()", of a known function or event
that may trigger
this problem ?

I understand that when cookies are not enabled this might happen but since
they can be set, something else
might happen.

Thank You again.

"Pedro Graca" <he****@dodgeit.com> wrote in message
news:sl*******************@ID-203069.user.uni-berlin.de...
Mimi wrote:
Because the cause of the problem has not been identified, I am still
asking for your support.


Do you have cookies enabled in your browser?
Verify that and also try passing the session id in the url:

---- firstpage.php ----
echo '<a href="secpage.php?', SID, '">second page</a>';
--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!




Jul 17 '05 #9
Mimi wrote:
There is one thing I forgot to mention:

On my application I am using FRAMES, and I noticed one strange thing:


Frames shouldn't be a problem (as far as session data is concerned --
frames are bad!).

A simple script with sessions works for you with your current
configuration?
========
<?php
session_start();
if (!isset($_SESSION['hits'])) $_SESSION['hits'] = 0;
++$_SESSION['hits'];

echo '<p>Session hits: ', $_SESSION['hits'], '</p>';
echo '<p>Refresh the page or click <a href="', $_SERVER['PHP_SELF'],
'">here</a>.';
?>
--------
At every refresh this page /should/ keep increasing the displayed number
of hits. Does it?

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!
Jul 17 '05 #10
Hello,

Yes, everything works on individual pages. So I can set session variables
and later make references to them or print them out on the screen.
What is not working is accessing session vars that have been already
set on a page just viewed because there is a new session created
when the page is loaded.

What is also strange is that every time I try to refresh any page on my app,
a new session is created and don't understand why !? And that is the reason
I
can not pinpoint the problem.

Thanks anyway for trying to help.

"Pedro Graca" <he****@dodgeit.com> wrote in message
news:sl*******************@ID-203069.user.uni-berlin.de...
Mimi wrote:
There is one thing I forgot to mention:

On my application I am using FRAMES, and I noticed one strange thing:


Frames shouldn't be a problem (as far as session data is concerned --
frames are bad!).

A simple script with sessions works for you with your current
configuration?
========
<?php
session_start();
if (!isset($_SESSION['hits'])) $_SESSION['hits'] = 0;
++$_SESSION['hits'];

echo '<p>Session hits: ', $_SESSION['hits'], '</p>';
echo '<p>Refresh the page or click <a href="', $_SERVER['PHP_SELF'],
'">here</a>.';
?>
--------
At every refresh this page /should/ keep increasing the displayed number
of hits. Does it?

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!


Jul 17 '05 #11
Now this is ridiculous:
After all this fuss I found out what the problem was:

I have ZoneAlarm installed on this computer but under "Cookie Control"
I let session and persistent cookies get through. I only disabled "Third
Party Cookies"

Immediately when I enabled "Third Party Cookies" the session was working as
intended.

I am not sure why ZoneAlarm would consider the local session files as "third
party" ?!

Anyways, Thank You all
"Mimi" <mi**@coco.com> wrote in message
news:2I************@fe61.usenetserver.com...
Hello,

Yes, everything works on individual pages. So I can set session variables
and later make references to them or print them out on the screen.
What is not working is accessing session vars that have been already
set on a page just viewed because there is a new session created
when the page is loaded.

What is also strange is that every time I try to refresh any page on my
app,
a new session is created and don't understand why !? And that is the
reason I
can not pinpoint the problem.

Thanks anyway for trying to help.

"Pedro Graca" <he****@dodgeit.com> wrote in message
news:sl*******************@ID-203069.user.uni-berlin.de...
Mimi wrote:
There is one thing I forgot to mention:

On my application I am using FRAMES, and I noticed one strange thing:


Frames shouldn't be a problem (as far as session data is concerned --
frames are bad!).

A simple script with sessions works for you with your current
configuration?
========
<?php
session_start();
if (!isset($_SESSION['hits'])) $_SESSION['hits'] = 0;
++$_SESSION['hits'];

echo '<p>Session hits: ', $_SESSION['hits'], '</p>';
echo '<p>Refresh the page or click <a href="', $_SERVER['PHP_SELF'],
'">here</a>.';
?>
--------
At every refresh this page /should/ keep increasing the displayed number
of hits. Does it?

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!



Jul 17 '05 #12
Mimi wrote:
Yes, everything works on individual pages.
Ok. So it is not a problem with the server.
So I can set session variables
and later make references to them or print them out on the screen.
Just re-checking:
When you say later, do you mean later in the same script (like setting
$_SESSION['something'] = 42 in line 17 and echoing that in line 163)
or later in another request for possibly another URL?
What is not working is accessing session vars that have been already
set on a page just viewed because there is a new session created
when the page is loaded.

What is also strange is that every time I try to refresh any page on my app,
a new session is created and don't understand why !? And that is the reason
I can not pinpoint the problem.


As fas as the server is concerned all requests are independant.

Between two requests of your browser, there could have been a hundred
requests from other browsers. PHP needs a way to identify that this
101st request is the one to associate with the first and recreate the
session variables. It does that because on the first session_start() it
sent the browser a cookie with the session id and the browser sends the
cookie back to the server. PHP then checks in session.save_path for a
file corresponding to that cookie and recreates the session variables.
Something like this happens:

CLIENT => Hey! Gimme "index.php"
SERVER <= I'm going to keep a few values for you saved on my disk.
In order for me to fetch them later I ask you to send
me back the "PHPSESSID=0123456789abcdef" cookie.

ANOTHER CLIENT => same thing here
SERVER (TO ANOTHER CLIENT) <= almost the same thing (different
session id)

...
100 more requests
...

CLIENT (you again) => Hey! Gimme "list.php"
You stored data for me on your disk. The key
to that data is "PHPSESSID=0123456789abcdef"
SERVER <= Ok, keep sending me the key to the data and all is well
if the browser didn't send the cookie, PHP thinks it is a request
that is independant of the first and will create a brand new session
id for it (with the corresponding file in the session.save_path
directory).

Another way for the browser to tell the server what session to use,
instead of using cookies, is to pass the session id in the URL or in a
(hidden) form field


So, I guess your browser is not sending the session id back to the
server for that specific page you're having problems with.

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!
Jul 17 '05 #13
Mimi wrote:
Hi Mimi,

Glad you solved it.

Now this is ridiculous:
After all this fuss I found out what the problem was:

I have ZoneAlarm installed on this computer but under "Cookie Control"
I let session and persistent cookies get through. I only disabled "Third
Party Cookies"
Woot?
That sounds strange...
I use ZoneAlarm too on my M$-box, but NEVER had trouble like this.
Maybe you hitted some obscure bug in Zonealarm?
Please contact them.

Immediately when I enabled "Third Party Cookies" the session was working
as intended.

I am not sure why ZoneAlarm would consider the local session files as
"third party" ?!

Anyways, Thank You all


You are welcome.

Regards,
Erwin Moller
Jul 17 '05 #14

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

8
by: Dynamo | last post by:
Yep its me again, I have succesfully created a login page for my site. I have used the PHP_SELF so that once the user has succesfully logged on the page reloads. Everything works fine the first...
8
by: DKM | last post by:
Here are the source code files to a Java applet that utilizes LiveConnect to communicate with Javascript, and the HTML file. The thing works both in IE 6.0 and FireFox 1.4. but with some...
3
by: Carpe Diem | last post by:
Hello I have an aspx page that loses Session("user") value after a few minutes even after I set <sessionState mode="InProc" cookieless="false" timeout="300"> in web.config and wrote function...
3
by: michael | last post by:
Good Morning Everyone, I am writing a script to add and remove rows from a table. Here are the two functions: function newRow(rowNo) { var theTable = document.getElementById("table1");...
2
by: Brenden Bixler | last post by:
Hello. I've got a long web form that has to reload 6-7 times to validate data (sigh, I know) making for a rocky-enough experience for users. To add insult to injury, each time the page reloads,...
1
by: ijevsk | last post by:
I have asp page of my system and when I click on the link I want to open new login page.If I enter to the system throuth this page my old session is overides. I wont that to have two pages with...
2
by: ramanaths | last post by:
Hi I have a page that shows many thumbnail images. on load of this page i have some code that invokes a javascript which shows a message saying 'loading images'... this is hidden once all the...
1
by: pendem | last post by:
I mean can set a variable value in a script to be unchanged even after page reload? for example if i set a value of a global variable "val" to 2 ; so using onbeforeunload() or onunload(), i will...
0
by: tangara | last post by:
Hi, I would like to know how to make use of session to apply in my jsp pages. My login.html page contains the session codes as follows:- <%@page import="java.util.*"%> <String str =...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.