views:

43

answers:

1

I'm having trouble forcing sessions to restart in PHP. Here's the problem:

I can get my session id with session_id(), copy it, and add to the very top of my script:

session_id('the_session_id');
session_start();

And when I open a new browser, the session from the other browser is not carried over. What settings can I check?

A: 

Reason:

If you close the browser window and open it again, then at this moment a second session is started with a different ID, if the used web application has some session based authentication system the user has to login again. At the same time the user has to logout twice!

Solution:

This function will use a real cookie for the session ID and updates the expiration time with every script execution. The expiration is equal to the PHP directive "gc_maxlifetime" (default) or every custom value. So, put this function in your PHP file. We will need it.

<?php 

// $expire = the time in seconds until a session have to expire 
function start_session($expire = 0)
{ 
    if ($expire == 0)
        $expire = ini_get("session.gc_maxlifetime"); 
    else
        ini_set("session.gc_maxlifetime", $expire); 

    if (empty($_COOKIE['PHPSESSID']))
    { 
        session_set_cookie_params($expire); 
        session_start(); 
    }
    else
    { 
        session_start(); 
        setcookie("PHPSESSID", session_id(), time() + $expire); 
    } 
} 

?>

Now, in the top of your page where you're issuing session_id('the_session_id'); and session_start();, remove those lines and start session with this code below:

To start a session with an expire time given by the php configuration

start_session();

To start a session that will expire in 1 hour:

start_session(3600);
shamittomar
Thank you. Let me be a little more specific about what I'm doing because I think it makes a difference. I'm using a flash uploader, and when the Flash plugin executes the PHP upload script, the session breaks, and I get a 302. So I'm passing PHPSESSID as a post param with the Flash request, and on each page I have:if(isset($_POST['PHPSESSID'])) {session_id($_POST['PHPSESSID']);session_start();}But when I dump the $_SESSION, it's always empty when the session id is assigned in that block.It seems to work fine on most servers. Is this technique blocked by any php.ini settings?
Aaron Carlino