As first, I know a lot questions are like mine, but I really don't know what I'm doing wrong...
As you might've guessed, I've a PHP script involving sessions.
Everything works like a charm, except setting the lifetime of my session.
I want to keep the session active for two weeks, but instead my (Chrome) browser says it's set to xpire after the browsing session (and it does). My PHP script:
session_name('DSWLogin');
// Naming the session
session_set_cookie_params(2*7*24*60*60);
// Making the cookie live for 2 weeks
session_start();
// Starting the session
It really doesn't work.
Thanks in advance,
Isaiah
Rewrite your code as
session_start();
setcookie(session_name('DSWLogin'),session_id(),time()+2*7*24*60*60);
Related
Yes, I know this has been asked a thousand times.. But, I've still been unable to find any specific fix that seems to work every time. I've tried many of the fixes people have suggested and I'm still having the same issue as before.
So, I run a server with a setup of multiple domains. They're all on the exact same server, and there is no transfer between servers here.
carnal.ueteribus.com <--- The Cookie is read and displayed here.
www.ueteribus.com <--- The login script is hosted here.
Basically those are the only two domains, and I'm trying to get the information from WWW to transfer to Carnal. Which is easier said than done.
Currently I've been trying to use
ini_set('session.cookie_domain', '.ueteribus.com');
Which hasn't worked, or maybe I have it programmed wrong. Anyways, any help would be very appreciated and if any additional information is required I am more than happy to provide.
NOTE: I do not have access to the PHP.ini, the company has denied such access.
session_name('LoginSession');
session_set_cookie_params(0, '/', 'ueteribus.com');
session_start();
I've also tried that
That seems to work in creating a named Cookie, but I couldn't figure out how to call it. My script wouldn't work anymore to call the actual login status, and I couldn't figure out how to fix it to ensure that this was even working.
<?php
session_set_cookie_params(0, '/', '.ueteribus.com');
session_start();
if (isset($_SESSION['error'])) {
echo $_SESSION['error'];
}
?>
Maybe something like this:
session_name('shared-name-between-sub-domains');
session_set_cookie_params(0, '/', '.domain.com');
session_start();
The absolute first two things in your scripts need to be:
ini_set('session.cookie_domain', '.xxxx.com');
session_start();
in that order, and any session's begun before adding that code will become inaccessible.
This assumes that both domain1.xxxx.com and www.xxxx.com live on the same server and use the same instance of PHP. It is impossible to share PHP session data across servers without writing your own custom session handler.
If there are no other domains on the server you may want to simply set session.cookie_domain in your php.ini.
As silly as it sounds, I'm baffled by this behavior:
In my PHP code I am calling session_start(); before anything else (not even a space before it is called). I can test this by setting a session variable and then echoing said variable.
If I run the following code on one of my pages I get an expected session ID back, but if I run it on one of post pages used for ajax then it comes up empty. Only sessions that I set on the ajax post page specifically can be seen, not session variables set from another page.
$a = session_id();
var_dump($a);
I know I'm going to get responses telling me to make sure my session_start(); has been called from the beginning, but I swear up and down it is (if it wasn't, sessions wouldn't work locally on that page).
What in the world could be causing this strange behavior?
FWIW, adding ini_set('display_errors', 1); error_reporting(E_ALL); doesn't give me any info other than telling me I have an undefined variable when trying to dump a session var that was set from another page.
How do you navigate between the pages? If you're using header, the session data isn't always written before leaving the first page. I had to use
session_write_close();
header('Location: page2.php');
If you say that session_start() is implemented correctly and $a shows on some pages but not on specific pages, I would say it is most likely because session variables are super global and maybe on those pages you have a global variable $a.
This ended up being caused by my /tmp partition being full. I have a headless dropbox installation on this server and it decided to update itself overnight last night to a new version and not clean up behind itself. I should have gotten a notification that the /tmp partition was full but I did not for some reason so I didn't even think about it being the cause.
Let this be a warning to others who find they have the same problem I did. I'm still not entirely sure why I was able to set a new session variable on the problem page or even set the session vars for the other pages to begin with if the /tmp was full.
I appreciate everyone's willingness to help out though!
So, I've been playin' around with sessions in PHP today, and after procrastinating over whether I should use sessions or not since I started PHP about 6 months ago (it looked scary), I've found it to be quite simple. But I am using time() as a session id, I'll explain why...
I found a page on session reference in php.net website, and one of the code samples uses this to manage sessions:
session_start();
if( !isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 60)
$_SESSION['last_access'] = time();
However, this expires very quickly. Ofcourse, I COULD change 60 to a very high number, but this is for a website where customers will be spending on average, 3 - 4 hours just adding products to the shopping cart, so I can't have sessions expire unless they close the page.
How can I transfer the same session id over to all pages on our site regardless of time(). I don't really want to be using time to manage session id's.
I DID use the constant SID in a url like this:
<?php echo 'go to another page'; ?> however, using the constant, as advised by the PHP website, does not work.
Can someone please help me maintain the same session id, regardless of time, across the whole site?
Your help is much appreciated, and thanks! :)
I think you may have a misunderstanding of sessions. Assuming, their cookies are enabled, you will never need to use a session ID. The session ID itself is stored in a cookie. If you would like to keep a session alive longer, simply use ini_set('session.gc_maxlifetime', 20); and change 20 to the amount of minutes you would like it alive for.
Please keep in mind you must use start_session(); at the very top of each file to make sure that specific file uses sessions. (This would be a good reason to have 1 main included config file at the top of the php files, so u can easily add that to the 1 file and it is added to all pages)
I have a site which does a few ajax calls on page load. For some reason, CodeIgnitor is inserting 4 sessions (I'm assuming one for each ajax call) as you load the page. I'm storing the sessions in the database.
I'm pretty sure there should only be one session per browser. Firefox seems to generate only one; other browsers seem to create a whole bunch of sessions. Multiple sessions for the same user are giving me some serious authentication problems.
Why is this happening? How can I stop it?
I know the discussion took place while ago, but somebody might find this useful.
By now I've used CI session without storing its data in database. Today I decided to give it a try and immediately run across the same problem: CI was generating new session in every page load.
I checked my server time, timezone, my cookie etc. - everything I could find as a tip on forums - with no result. Then decided to debug the CI Session class myself.
Long story short, it turned out that my user_agent field in my session table was too small - VARCHAR 50 - which cuts the original user_agent string - hence CI doesn't find my session and generates onother one. I just increased the user_agent field size to 200 and everything works like a charm.
I forgot to mention that I use Mac OS X Lion.
Again, hope this will help somebody.
Check the date / time on your client OS, and on your server.
I know its too late, but maybe someone finds this page while looking for the answer...
I think it happens because CI sets an expiration time on the cookie containing the session id and if the time difference between the server and client is higher than the expiration time the cookie gets old and the server will generate a new session for the client on every request. Never took the time to figure out the exact mechanism, but happened to me several times, and this fix always worked.
I've found this topic with same problem: on every page CI generates new session. Possible solution: remove underscored from site name ( NOT "my_test_site.com", but "my-test-site.com"). At least, this helped in my situation.
Check your config.php file and make sure the cookie options are properly filled out. If they are not it cant track the user and it will gen a new session on every page load.
Check the date / time on your client OS, and on your server.
I had the same situation and confirm the solution as a fix
$config['cookie_domain'] = "example.com";
Use your domain name in this snippet.
I'm building an autologin system using cookies, but one fundamental part of the functionality of the cookies fails: they are non-persistent over different sessions - or even pages!
In my login script, I set the cookies like this:
setcookie('userID', $userID, time()+86400); // (edited after replies)
$userID has a value.
Then I print the $_COOKIE variable and it says array(['base_usid'] => 1); So that's good, but when I click the home page and print the $_COOKIE variable there, it says NULL.
Does anyone see the problem?
Cookies should have a time value for how long they should stay... Check http://php.net/manual/en/function.setcookie.php
In other words, change it to: setcookie('userID', $userID, time()+86400);
to make it stay for a day for example.
Aah, I've learned something new about cookies :) They have a path and they are only available on that path (the directory they were created in). I created the cookies on /user/login, and then tried to read them on /news/index. Won't work.
In the past I used to build websites with all files in just one folder (I know it's bad), so I didn't know of this cookie property. Sorry, I should have read the manual better...
Thanks for your help!
P.s.: Typing print_r($_COOOKIE); won't speed up debugging. :(
Cookies need an expiration time. Otherwise they are by default destroyed when a user closes his browser.
Try this instead
setcookie("userID", $userID, time()+3600);
This will last for an hour. Make the number bigger to have it last longer.
To unset / remove it, change the plus + to a minus -
:)
If its still not working after you've set an expiry time (and you've checked the clocks on server and client are correct) then have you checked that the cookie is being sent? Sounds like the problem with 'headers already sent'. Which would also imply you have a problem with error reporting / logging.
C.
Do you want to learn how to build CMS systems and login managers, or do you want to build an app... ?
Hate to do this, but my answer is : don't build your own login system. Instead, go grab some framework like CodeIgniter, Kohana, or even drupal or Joomla. If you are building a login system as a learning experience to understand how cookies work/etc, then fine.. go ahead.. as long as you don't plan on putting it into some production site. Otherwise, grab a well tested framework and use it.