Php Session problem

Hi!

I'm using the following session code for throwing out the users from my intra if sessiontime has been idle for over 3600 seconds.

The thing is that this worked without any problems when using mysql 4 and php 4 versions, but now that I started using mysql 5 and php 5 versions it throws out the user straight away when the user has logged in and clicked a link on the page.

Any ideas?

-T
if(!session_is_registered("session_count")) {
   $session_count = 0;
   $session_start = time();
   $_SESSION['session_count']=$session_count;
   $_SESSION['session_start']=$session_start;
} else {
      $session_count++;
}
 
 
$session_timeout = 21600; // 0.5hr (in sec)
 
 
$session_duration = (time() - $session_start);
if ($session_duration > $session_timeout)
{
    $goback ="http://www.tobias.huone.net/td/index.php?id=cpanel&page=logout";
	header ("Location: $goback");
}
$session_start = time();

Open in new window

ToubeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

hernst42Commented:
* session_start() is missing
* don't mix session_register, session_is_registered, ... with $_SESSION  http://www.php.net/manual/en/ref.session.php#session.examples
0
ToubeAuthor Commented:
Thanks for your reply,

I've alreade started the session earlier.

-T
<?php
session_start();
$c_ip = $HTTP_COOKIE_VARS["user_ip"];
$counter_file = "../count.txt";
$counter_file_line = file($counter_file);
if(!$c_ip)
{
setcookie("user_ip", $REMOTE_ADDR, time()+360000);  $counter_file_line[0]++;
$cf = fopen($counter_file, "w+");
fputs($cf, "$counter_file_line[0]");
fclose($cf);
}
elseif($c_ip != $REMOTE_ADDR)
{
$counter_file_line[0]++;
$cf = fopen($counter_file, "w+");
fputs($cf, "$counter_file_line[0]");
fclose($cf);
}
?>
<?php
include("/home/tobias/domains/tobias.huone.net/include/db_connect.php");
include 'online_users/whosonlineupdate.php';
//echo $logged_in;
if ($logged_in == 0)
{
		$goback ="http://www.tobias.huone.net/td/index.php?id=cpanel&page=login";
		header ("Location: $goback");
}
 
 
if(!session_is_registered("session_count")) {
   $session_count = 0;
   $session_start = time();
   $_SESSION['session_count']=$session_count;
   $_SESSION['session_start']=$session_start;
} else {
      $session_count++;
}
 
$session_timeout = 21600; // 0.5hr (in sec)
 
$session_duration = (time() - $session_start);
if ($session_duration > $session_timeout)
{
    $goback ="http://www.tobias.huone.net/td/index.php?id=cpanel&page=logout";
	header ("Location: $goback");
}
$session_start = time();
 
 
require ('basepage.php');
basepage(main);
?>

Open in new window

0
IulianSurgiuCommented:
Where are you setting the session, and what about the SQL? You said you updated the Sql Database engine but you did not posted the file.
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

hernst42Commented:
YOucode relieas on register global and longvars to be turned on
instead of $HTTP_COOKIE_VARS use $_COOKIE
instead of $REMOTE_ADDR us $_SERVER['REMOTE_ADDR']
there might be additional variables which must be rewritten to comply to php5

instead of
if(!session_is_registered("session_count")) {
use
if(empty($_SESSION["session_count"])) {
0
ToubeAuthor Commented:
Thanks hernst42,

Now it doesn't throw the user immediately out.
I set the timeout to 5 s. but it doesn't seem to throw the user out now.. some tweaking still needed :)

-T
0
simply_dhavalCommented:
hi toub

if you have terminal access to server check if the session files are actually being created?
0
ToubeAuthor Commented:
What would be the best way to check this.. Putty? and where do I check?
0
simply_dhavalCommented:
well yes you can login to server with putty and you can see phpinfo page it shows where exeactly sessions are being stored

or simply check out the php.ini file for path of session folder mostlikly it should be /var/php/sessions not sure about it but you will find it on phpinfo page or php.ini file
0
ToubeAuthor Commented:
Didn't find it any php.ini or phpinfo page..I'n no linux experts:)
0
simply_dhavalCommented:
you don't have to be linux expert ;)

just make one php page with this code

<?
      echo phpinfo();
?>

and access it in your web browser it will even show you where your ini file is located

or else you can just type phpinfo on command line and it will give you sme thing but in text formate. since you aint an expert i advice you to make one php page with above code it will give you nice formated output
0
ToubeAuthor Commented:
Thanks simply_dhaval, should have known that:)

Here's the result--> check the screenshot.

-T


session.JPG
0
simply_dhavalCommented:
what i see is there is no value for the session path save which is not really needed but m you can try to set it some to point in some directory say /var/phpsession and then make sure that it has proper permission. so that it can write sessions in to that directory ( may be for testing you can just give 777 which is really bad) but if it works you can set it for proper user with 755 may be but 777 will give you quick results

just try it and hope it works..

am signing off for day soon so may be i will catch on this tomorrow if it worked or not
0
simply_dhavalCommented:
gosh i forgot to say you have to put path in php.ini and then restart both apache and php  and you will be able to see apth pf php.ini in that info page
0
ToubeAuthor Commented:
Thanks for your input dhaval, I should probably contact my webhotel admin and ask him if there is everything in order with the sessions configurations.

-T
0
ToubeAuthor Commented:
Contacted my webhotels admin and asked him to set the session path and give a 755 or 777 permission. Well he haven't set it yet, I post here when he sets it and I can test it out.
0
ToubeAuthor Commented:
Ok, my webhotels admin has set a tmp folder that has the rights 777 for sessions, but the same problem still persists.. any other things I could suggest or try?
0
simply_dhavalCommented:
sorry pal i been bit busy lately , i will give you some simple test code that can help in find out this problem ..but have yo uchecked whats location of session path in your php.ini ?

0
ToubeAuthor Commented:
Hi, the session path is /tmp.

-T
0
simply_dhavalCommented:
i just see in your searlier screen shot session_save_path doesn't show any value it says "no value"  so i was not sure anyway, i will need some time to check on this ..since you are not getting any error message either
0
ToubeAuthor Commented:
Heres is the path:

http://www.tobias.huone.net/td/user/info.php

Error messages.. where should I search for them?

-T
0
ToubeAuthor Commented:
Any news simply_dhaval?
0
simply_dhavalCommented:
sorry pal am just too busy with things here at the moment in handling over project to new team. but here is what you can do for error check out error handling and logging section in your php.ini file

I have attached that section of my php.ini file here. so if you check then logs will be written in /tmp/phperror.txt and you can check them then to see the error if any occured
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Error handling and logging ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
; error_reporting is a bit-field.  Or each number up to get desired error
; reporting level
; E_ALL             - All errors and warnings (doesn't include E_STRICT)
; E_ERROR           - fatal run-time errors
; E_WARNING         - run-time warnings (non-fatal errors)
; E_PARSE           - compile-time parse errors
; E_NOTICE          - run-time notices (these are warnings which often result
;                     from a bug in your code, but it's possible that it was
;                     intentional (e.g., using an uninitialized variable and
;                     relying on the fact it's automatically initialized to an
;                     empty string)
; E_STRICT          - run-time notices, enable to have PHP suggest changes
;                     to your code which will ensure the best interoperability
;                     and forward compatibility of your code
; E_CORE_ERROR      - fatal errors that occur during PHP's initial startup
; E_CORE_WARNING    - warnings (non-fatal errors) that occur during PHP's
;                     initial startup
; E_COMPILE_ERROR   - fatal compile-time errors
; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
; E_USER_ERROR      - user-generated error message
; E_USER_WARNING    - user-generated warning message
; E_USER_NOTICE     - user-generated notice message
;
; Examples:
;
;   - Show all errors, except for notices and coding standards warnings
;
;error_reporting = E_ALL & ~E_NOTICE
;
;   - Show all errors, except for notices
;
;error_reporting = E_ALL & ~E_NOTICE | E_STRICT
;
;   - Show only errors
;
;error_reporting = E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR
;
;   - Show all errors, except coding standards warnings
;
error_reporting  =  E_ALL
 
; Print out errors (as a part of the output).  For production web sites,
; you're strongly encouraged to turn this feature off, and use error logging
; instead (see below).  Keeping display_errors enabled on a production web site
; may reveal security information to end users, such as file paths on your Web
; server, your database schema or other information.
display_errors = Off
 
; Even when display_errors is on, errors that occur during PHP's startup
; sequence are not displayed.  It's strongly recommended to keep
; display_startup_errors off, except for when debugging.
display_startup_errors = Off
 
; Log errors into a log file (server-specific log, stderr, or error_log (below))
; As stated above, you're strongly advised to use error logging in place of
; error displaying on production web sites.
log_errors = On
 
; Set maximum length of log_errors. In error_log information about the source is
; added. The default is 1024 and 0 allows to not apply any maximum length at all.
log_errors_max_len = 1024
 
; Do not log repeated messages. Repeated errors must occur in same file on same
; line until ignore_repeated_source is set true.
ignore_repeated_errors = Off
 
; Ignore source of message when ignoring repeated messages. When this setting
; is On you will not log errors with repeated messages from different files or
; sourcelines.
ignore_repeated_source = Off
 
; If this parameter is set to Off, then memory leaks will not be shown (on
; stdout or in the log). This has only effect in a debug compile, and if
; error reporting includes E_WARNING in the allowed list
report_memleaks = On
 
; Store the last error/warning message in $php_errormsg (boolean).
track_errors = Off
 
; Disable the inclusion of HTML tags in error messages.
; Note: Never use this feature for production boxes.
;html_errors = Off
 
; If html_errors is set On PHP produces clickable error messages that direct
; to a page describing the error or function causing the error in detail.
; You can download a copy of the PHP manual from http://www.php.net/docs.php
; and change docref_root to the base URL of your local copy including the
; leading '/'. You must also specify the file extension being used including
; the dot.
; Note: Never use this feature for production boxes.
;docref_root = "/phpmanual/"
;docref_ext = .html
 
; String to output before an error message.
;error_prepend_string = "<font color=ff0000>"
 
; String to output after an error message.
;error_append_string = "</font>"
 
; Log errors to specified file.
error_log = "/tmp/phperror.txt"
 
; Log errors to syslog (Event Log on NT, not valid in Windows 95).
;error_log = syslog

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
simply_dhavalCommented:
alos you can check  for directive "output_buffering". i think  it should be set to "on"  ( generally it set to some value like 1025 etc ) for sessions to work correctly.  am not too sure about it but you can try that
0
ToubeAuthor Commented:
Thanks, will try to figure this one out :)

-T
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.