Session unexpectedly lost?

Question

Hi, I'm at a loss with an annoying issue to do with exporting a report. Basically, a button is pressed and a report is generated server side using the following javascript:-

__callExportController(true, { op: 'build', type: exportType }, function(data) {
    var outputURL = './reportinc/export_controller.php?op=output&filename=';
    var reportFilename = data['filename'];
    var reportTitle = data['title'];

    if (reportFilename && reportTitle) {

        var resultURL = outputURL + reportFilename + '&title=' + reportTitle;

        /* Initiate the download dialog */
        if (!$('#exportFrame').length) {
            var hiddenIFrame = document.createElement('iframe');
            hiddenIFrame.setAttribute('id','exportFrame');
            document.body.appendChild(hiddenIFrame);
        }

        $('#exportFrame').attr('src', resultURL);
    } else {
        error('No filename or report title specified!');
    }
});

The 'build' operation of the export controller builds the report to a temporary file on the server. If that succeeds, the 'output' operation is called to output that file to a hidden iframe in order to get the download prompt to the user. Internet Explorer 6/7 are the only browsers in use here.

This is the output handler on the server which the iframe will be requesting with the successfully built filename:-

/* Output handler */
case 'output':{

    $filename = $_GET['filename'];

    header('Content-Description: File Transfer');
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header("Content-Type: application/force-download");
    header("Content-Type: application/octet-stream");
    header("Content-Type: application/download");
    header("Content-Type: application/pdf");

    /**
     * NOTE: It appears this is required for some versions of adobe!
     * http://www.acrobatusers.com/forums/aucbb/viewtopic.php?id=15400
     */
    header("Cache-Control: private");
    header("Pragma: cache");
    header("Content-Disposition: attachment; filename=\"file.pdf\"");
    header('Content-Length: ' . filesize($filename));

    /* Flush the headers immediately for larger files */
    ob_clean();
    flush();
    readfile($filename);
    @unlink($filename);
}

The issue I'm having is: whilst this works fine once, the session appears to be destroyed after the first successful file download. That is, when the user navigates away to another page they appear to be generated a new session id. This also requires the user to have to 're-login' if basic authentication is in use with the next action they take.

The issue seems very intermittent and it seems to happen at times and not at other times.

Has anyone any ideas? Should I be adding more headers or something to prevent the users session from being destroyed?

Answer 1

could be your missing a session_name or session_start somewhere.

or, more likely, you’re users have cookies disabled. that way sessions are only valid for one site request