PHP :: Bug #22483 :: Sessions expire randomly

Bug #22483	Sessions expire randomly
Submitted:	2003-02-28 19:09 UTC	Modified:	2003-03-05 15:40 UTC
From:	dmj28 at student dot canterbury dot ac dot nz	Assigned:
Status:	Closed	Package:	Session related
PHP Version:	4.3.2-dev	OS:	FreeBSD 4.5
Private report:	No	CVE-ID:	None

View Developer Edit

[2003-02-28 19:09 UTC] dmj28 at student dot canterbury dot ac dot nz

The problem is that sessions expire, before they should, apparently randomly. This did not seem to happen under 4.2. The following information may be useful:

Two symptoms:
- Php is using the query string to maintain sessions *ALOT* when cookies would normally be used?
- Sessions occasionally expire well before they should.
- A mail() sends an email with some characters replaced?

Is it possible that some characters of output are being replaced, and this is causing session id's to be changed, expiring sessions?

Apache 3.27

'./configure' '--with-gd' '--with-jpeg-dir=/usr/local/src/jpeg-6b' '--with-zlib' '--with-png-dir=/usr/local/src/libpng-1.2.2' '--with-mysql=/usr/local/mysql' '--enable-ftp' '--with-apxs=/usr/local/apache/bin/apxs'

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-02-28 19:19 UTC] magnus@php.net

Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip

[2003-03-03 16:35 UTC] dmj28 at student dot canterbury dot ac dot nz

Upgrading has not fixed the problem.

Is it possible, that two sites running different php applications which use sessions holding classes, with names such as: x.companyxyz.com and y.companyxyz.com could cause sessions to expire for some reason? Perhaps if they store different classes. Because these sites do appear to share the same session.

Many thanks for any assistance.

[2003-03-03 17:13 UTC] dmj28 at student dot canterbury dot ac dot nz

I notice many session files of size ~3k and many others around 30k. Is there a limit on the size of session files which could cause expiry?

[2003-03-03 20:00 UTC] sniper@php.net

Limit is the free space. And are you setting the session id yourself in your script perhaps? (maybe unintentionally?)

And it's always good idea to configure your different
virtualhosts to have their own directories where the session files are hold..

[2003-03-03 20:56 UTC] dmj28 at student dot canterbury dot ac dot nz

The session id is being set by php. Is it possible that php could choose the same session id for a person if they open a new browser window and a different site? Is it that the same session id is generated occasionally? And the two sites clash?

[2003-03-05 15:40 UTC] dmj28 at student dot canterbury dot ac dot nz

Fixed. Thanks to sniper@php.
Individual directories for sessions of each virtual host solved the problem (/tmp/site1_sessions and /tmp/site2_sessions). Although, I don't understand why!
Many thanks :-)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sat Aug 16 04:00:02 2025 UTC