?
Solved

Session variables clearing too soon

Posted on 2011-02-13
7
Medium Priority
?
574 Views
Last Modified: 2012-08-13
Hi Experts-

I have managed private server running LAMP with over 30 sites on the server. All of the sites handle session variables perfectly except for one.

I can set the time limit on the session variables for all of the other sites to any length that I want except for one of the sites. No matter what I enter, all of the session variables clear at a default of 20 minutes. I currently have it set to a maxlifetime of 86400 which should be 24 hours.

When I look at the phpinfo file it shows the maxlifetime set to 86400.

Where can I look or how do I find what is overwriting this session lifetime variable?

Thanks for your help.
0
Comment
Question by:danjen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 3

Expert Comment

by:wwwdeveloper2
ID: 34885144
My initial thoughts:

1) Is the script/php app that is creating the sessions setting their own timeouts using ini_sets?

http://prajapatinilesh.wordpress.com/2009/01/14/manually-set-php-session-timeout-php-session/

2) If you haven't did this yet, maybe you can put one of your own files out without ini_sets and use php to write a session and see if it expires in 20 minutes - It should listen to your php.ini file, since no ini_sets for the script were set.

3) Is the apache session settings for that account set at 20 minutes?  Maybe the apache settings have more priority over the php settings?  I would look at the apache settings for that account and also any .htaccess files in that account's directories to see if they have a setting of 20 minutes for the sessions.

I have never experienced this problem, but these are just some of the thoughts that came to mind.  If you need additional information, please feel free to ask me.   I'll help/brainstorm anyway I can.
0
 
LVL 11

Expert Comment

by:mattibutt
ID: 34886091
I think there is value in your tenth application which is destroying the session
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 34887457
There are complex interactions between cookies, sessions and the garbage collector.  The default time for session garbage collection is, in effect, the end of session life plus 1440 seconds.  The cookie that connects the browser to the session data expires when the browser is closed.  So there are two easy ways to lose your session.  You can close the browser, or you can wait for 20 minutes of inactivity - and note that inactivity is important because the session handler sets the cookie each time your script does session_start().

Sessions are used to maintain stateful information between web pages during the life of a visit to a web site.  Most clients visit a web site for a little while, then do something else.  I would not expect any client to spend 24 consecutive hours on my web site.  If you want to keep client state information for that long, you might consider using a login cookie instead of a session.  Or you could consider setting the session cookie manually.
0
Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

 

Author Comment

by:danjen
ID: 34887482
I believe there is something in one of my programs that is destroying these session variables, but I don't know how to find that.

Ray, I understand what you are saying, but my issue is, this same script works perfectly on over 30 sites. Just this one site is losing the session variables. All of the sites are hosted on the same server which has global php and apache settings.

How can I find out what is destroying the session variables on just this one site?

Thanks for the replies.
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 34888026
It's hard to know without having access to the test data.  Like I said, there are a lot of moving parts.  Some things to look for...

$_SESSION = array(); // Or any other assignment that wipes out the data
setcookie(session_name(), ... // With an invalid argument that causes the cookie to fail
Using session_start() in a sub-directory or sub-domain
Having links like these: href="www.url.com/path" vs href="url.com/path"

What do you mean when you say "destroying the session variables?"  How do identify the symptom of the "destruction?"  Is the session cookie still there, but the $_SESSION array is empty?
0
 
LVL 3

Accepted Solution

by:
wwwdeveloper2 earned 2000 total points
ID: 34890835
danjen - Use some software like notepad++ and do a find to search the source code in that account's directory.

Look for ini_set to see if there are any programs overwriting the settings for the session life

Also, if you want to see if any files are destroying the session search for:  session_destroy();

I have some systems were we do keep session alive for 8 hours.  Many of our applications have user's who need to stay logged in all day.  Many times they might be interrupted by somebody stopping by their office or have to rush off for a meeting in the middle of working in the application.  They get very angry if they come back to their work and see their session has been timed out.

0
 

Author Closing Comment

by:danjen
ID: 35150810
Thank you for your help. I wasn't able to find the issue causing the sessions to be destroyed but your answer was helpful.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses how to implement server side field validation and display customized error messages to the client.
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question