Google Chrome PHP Session question

I test my application using all 5 major browsers, and Google Chrome is among one of them. I am using an Apache server in my local machine.

Lately, I've been playing around creating and destroying PHP sessions to learn more about it. Here is how I am currently destroying a session at my login.php:

session_start();
if (isset($_SESSION['user'])) {
    $_SESSION = Array();
    session_destroy();
}

Here is how I handle session checking on all other pages:

[code]/*
 * Check if there's already a session. If not, create one.
 */
session_start();
if (isset($_SESSION['user'])) {
    $user = $_SESSION['user'];
} else {
    redirect('login.php');
}

Open in new window


Internet Explorer, Firefox, Opera, and Safari, all work perfectly fine with the above code in the sense that only ONE session file appears in my c:\xampp\tmp when the session is created, and the file disappears when the session is destroyed.

But Google Chrome seems to create 2 files when a session_start() is made and none of them gets deleted when the session is destroyed. What's worse, it keeps creating 2 more session files as I navigate from one page to another, and I'm not sure I understand why. Again, this happens only with Google Chrome, leading me to conclude it can't possibly be my code, or can it?

Has anyone experienced this? Should I be concerned about this?
elepilAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dave BaldwinFixer of ProblemsCommented:
You're running on 'localhost', aren't you?  Chrome won't accept cookies on 'localhost' so every access creates a new session file since there isn't any cookie from a previous one.  If you are able to use the IP address of the machine, it should then work in Chrome also.

I almost never use 'localhost' because it has several problems.  One is that Chrome won't accept cookies but even more important to me is that you can't run a public website on 'localhost'.  'localhost' and '127.0.0.1' both bypass the TCP/IP stack so anything related to IP addresses may act funny on 'localhost'.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ray PaseurCommented:
I agree with Dave.  Have a quick look at this user-contributed note.  Notice how many times it has been "marked down" because it's just plain wrong and evinces a misunderstanding of what Google Chrome is actually doing.
http://php.net/manual/en/function.session-unset.php#100527

The right dev environment is that environment that is as close as possible -- end-to-end -- to the deployment environment.  For literally no more than pennies a day you can get full-service web hosting and you can deploy a private label, public-facing web site on the internet. This is how your clients will see your web site, so it makes sense to test your applications in this environment.  All of the task runners can do their work in this environment; your build can be as simple as an FTP script.  In short, you give up almost nothing to gain stability and peace of mind.

If you're doing PHP client authentication, this article shows the right steps to create, use, and destroy the PHP session.  The article is old, and you might want to adopt an object-oriented design pattern, but the principles have not changed.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html
0
elepilAuthor Commented:
Whew! I'm glad others have encountered this issue. Thanks for the help, Dave and Ray!
0
Dave BaldwinFixer of ProblemsCommented:
You're welcome, glad to help.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.