Session error causes lockup until you delete PHPSESSID
Posted on 2008-10-24
I run a social networking website that's built on PHPFox version 1.5.1 (running on PHP 4.4.4 with the APC extension and Apache 1.3.33) . I have a serious problem regarding sessions, which unfortunately I am unable to duplicate, making it very hard to solve. Here's what happens...
You'll be surfing the site fine, then all of a sudden things will sort of "lock up" and it won't load any more pages. In Firefox it just says connecting to http://mysite.com, but in IE it will actually give you a "page cannot be displayed" error, as if it's unable to connect to the server. If you go into your cookies and delete the PHPSESSID cookie then everything is back to normal and the site loads fine.
I have very rarely experienced the bug myself. Perhaps five times in the past six months. However some of my visitors seem to experience it more often. I have one guy who says he consistently gets the error after surfing the site for only a couple minutes. Luckily, I'm able to use this guy for testing, at least when he feels like answering my e-mails.
I had him surf on my development site, which is running the exact same code as the live site. He said he got the error but it took about 30 minutes before it happened, instead of two. So it could possibly have something to do with the amount of traffic the site is getting (approximately 20,000 unique today) however the development site and live site are hosted on the same server, so it must not be a server load thing
I actually just got the error myself, in Firefox, which allowed me to do a little bit of tweaking/testing. Basically I was doing some administrative work on the site, clicked a link, and the page would not load. After I determined that my connection was fine, and that my site was still up and could be accessed through IE, I realized this was the dreaded session bug. When I would click refresh, or try to access any other page on the site, the status bar of the browser would say "Connecting to mysite.com" and then "waiting for mysite.com" but then just hang there.
My knowledge of PHP is very limited, but from reading the manual one thing I decided to try was to add "session_regenerate_id();" after "session_start();" so that every time a new page is loaded it would generate a new PHPSESSID cookie. Before I uploaded the change I opened the "cookie browser" in Firefox and highlighted the PHPSESSID cookie, so I could see if the cookie changed.
I uploaded the updated file, and prayed that when I clicked my refresh button the page loaded, but no dice. :-( When I looked at the cookie I saw that it was not changing. I started looking into what else I might try, but within five minutes I saw that the page was now loading, and the cookie was now changing with every new request. I'm not sure why it suddenly started working, but it seems to me that the session_regenerate_id() command had no effect.
Any help with this problem would be greatly appreciated!!!