PHP :: Bug #24129 :: Session randomly fails

Bug #24129	Session randomly fails
Submitted:	2003-06-11 10:32 UTC	Modified:	2003-06-11 17:38 UTC
From:	brian dot diekelman at andrews dot af dot mil	Assigned:
Status:	Not a bug	Package:	Session related
PHP Version:	4.3.2	OS:	Win2k
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	brian dot diekelman at andrews dot af dot mil
New email:
PHP Version:		OS:

New Comment:

[2003-06-11 10:32 UTC] brian dot diekelman at andrews dot af dot mil

  This is a dupe of bugs #17846, #19029, #19972.  I wanted to update the version and circumstances.  For the most part everything works fine, then randomly the session will fail.  In my php.ini the max_gc_lifetime (don't know exact spelling) is set to 0 (on browser close).  Everything else is set to the standard settings.

  This is an annoying bug because it's hard to isolate it.  
I have heard some theories of the cookie prematurely expiring, two sessionid's in the cookie, etc.  I tried the latest CVS this morning on my test server and the error is still present.

  It is not a problem with my code, all I have is a session_start() and $_SESSION["username"] at the top of every page to check if the session exists.  I do not have any custom session handler and pretty much have a standard install for Win32 (AF doesn't let us use Linux).

  Any ideas??

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-06-11 11:45 UTC] sniper@php.net

Where does it say that setting session.gc_maxlifetime to 0 would give should behaviour? It's just what is says _maximum_  
lifetime of session, 0 means it's always cleaned whenever
the random cleaning happens.

Expected behaviour -> not bug.

[2003-06-11 12:40 UTC] brian dot diekelman at andrews dot af dot mil

Correction, max_gc_lifetime was supposed to be cookie_lifetime (sorry).  Setting the cookie lifetime to 0 (according to the website) will keep the session active until the browser is closed.

  That does not change the nature of the bug.  Please read my post.  The bug is that the session is randomly ending.  It is the stock php.ini except for the cookie lifetime.  Everything is standard.  This bug has been brought up several times and the response has been 'fixed in CVS' but it has not been.  I realize the session functions have been rewritten but please at least acknowledge the problem.

[2003-06-11 17:38 UTC] sniper@php.net

I use sessions lot myself, if there really was some bug
in it, I'd be first to know, really.

I think you just don't understand how the garbage cleanup
works..setting the "session.cookie_lifetime" only affects
the cookie lifetime. Still the _random_ garbage collecting hits in when the lifetime of a _session_ exceeds the max lifetime, regardless of what the cookie lifetime is.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue Jul 29 15:00:02 2025 UTC