PHP Session Data Lost Between [Some] Pages
Ugh… So I’ve been working on a website for a student group at the University of Oregon. I’m developing a custom content management system for the site that uses jQuery UI and AJAX. It’s pretty spiffy actually.
Unfortunately I’ve always had problems maintaining $_SESSION data on the University web-server. For some reason my authentication class would work fine on my dev environment, but would randomly lose and then remember the $_SESSION data on the University web-server. This means that administrators would randomly get logged out when they were trying to update the site.
So after getting frustrated and avoiding the problem for several weeks, I finally found a solution here.
It turns out that the session.save_path value in php.ini was not set. The solution was to run session_save_path() at the top of my script and set the path manually to my home directory (one level below public_html).
<?php session_save_path('/home5/twadding/session_data/'); ?>
This seems to have resolved the problem nicely. One caveat. Don’t keep your session data anywhere that is publicly accessible. Otherwise malicious users could access any of your session data on a whim.
Spending a week pouring over my code was incredibly frustrating, but at least my authentication class is nicely tuned now.
Thanks to turkguy0319 for the great image.
Hi. Thanks for this!
I had the same problem and it was very frustrating due to the random and seemingly unpredictable nature of it. Sessions could last anywhere from 20 seconds to 20 minutes.
However in my case the server DID have a valid setting for save_path (it was simply “/tmp” which is quite a normal setting for linux servers) but I was still getting the random loss of session data. After setting the save_path to a local folder near my own home directory as you suggested, the problem went away.
So what causes the problem in the first place? It should be quite acceptable to store session data in temporary folders. It could be that the folder was being prematurely cleansed by some other process, but that wouldn’t explain how, as you also mention, the session data would randomly disappear and then sometimes RE-appear! This to me indicates a file access problem, where the file is still there but unable to be read on occasion. I think that when it comes down to it, if the server is hosting a large number of sites, each of which is running potentially a large number of sessions simultaneously, it becomes a bit too much for the system when all of those processes need access to the same folder at the same time.
It would have been nice if I had received some kind of notification that the session data file could not be read, but hey, perhaps there is a log file somewhere I’m not privy to. It’s not my server after all.
Enough of my waffling! Thanks again for the tip
hello
thanks for ur help
but i tried ur tip and it doesnt work
if u have another solution plz publish it as i need it .
my session lost in certain page
any page else doesnt lose sessions
Hey
i Sollved IT
and i posted that to make easy for every one searches on this issue
may be my sloution goes well with u , may be not !
all i did is changing name of session that i play on
$_SESSION['type'] changed to $_SESSION['Tipe']
Hope that helps
There’s a cron job that deletes session data older than session.gc_maxlifetime. Changing the directory worked for you because the cron doesn’t find the session data anymore, but I believe the right way to do this is to extend the session.gc_maxlifetime in php.ini.
Give it a try, end the voodoo misconceptions around loosing the session data.
Thanks for the good info!
It’s the UI css that’s causing the problem. Remove it and your session variables should be intact but there goes your styling. I had the same problem with datepicker UI but still have not found an answer..
Hey There, I appreciate the comment, but CSS would not affect your PHP code in any way. There must be something else going on in your case.
Thanks for this, I’ve read of this being resolved by editing the setting in the php.ini file but this was not working for me. Setting the variable in the code works great.
I just solved an issue where PHP session variables were being lost if I reloaded the page. The problem was a CSS file with an invalid URL. Once I fixed the href attribute of that LINK tag to point to the correct file, the issue went away. So CSS _can_ apparently affect PHP session variables. Must be some weirdness with the 404 response/headers or something.
Big thanks for that tip. I was struggling forever with why my sessions were being lost. Lo and behold, if I commented out the 404 redirect in my .htaccess the problem went away. Two issues I had there, first, my 404 redirect was going to the wrong path (needed to go to a sub-folder on the domain) and second, I must have had a wrong URL in my CSS or some other page that wasn’t being found and was being sent to the incorrect 404 page, where the sessions were getting lost (because, I believe, that page didnt have a session_save path).