ID: 48063
Updated by: scott...@php.net
Reported By: myselfasunder at gmail dot com
Status: Bogus
Bug Type: Session related
Operating System: Ubuntu
PHP Version: 5.2.9
New Comment:
It's not that smart, it just looks through the session directory and
kills anything that looks like a session file based on the last time the
file was read and the currently lifetime value.
If there are zero other scripts on the system then it should be fine,
but I suspect there is one somewhere you are missing. Can you add this
to the php.ini file and see if you can reproduce it?
We could look to adding the session lifetime to the file but that would
break backwards compatibility and you could accidentally set a session
to 10 years from now and it would never get removed.
Previous Comments:
------------------------------------------------------------------------
[2009-04-23 21:24:24] myselfasunder at gmail dot com
Even if this is the only script that executes on the system (a
front-controller in the only application)?
How about the fact that my session-name is 'COOKIE' in this
test-script... Wouldn't only everything that uses a session-name of
COOKIE interfere with each other, in this case?
------------------------------------------------------------------------
[2009-04-23 21:02:23] scott...@php.net
You need to set it in the php.ini, if any other script uses sessions
and doesn't set it to be the same value it will delete the sessions.
------------------------------------------------------------------------
[2009-04-23 19:06:20] myselfasunder at gmail dot com
<?php
session_name('COOKIE');
session_set_cookie_params(86400 * 3);
ini_set('session.use_only_cookies', '1');
ini_set('session.gc_maxlifetime', 86400 * 3);
session_start();
if(isset($_SESSION['aa']))
print("Session already exists.<br>");
else
print("Session DOES NOT exist.<br>");
$_SESSION['aa'] = true;
------------------------------------------------------------------------
[2009-04-23 17:33:38] j...@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external
resources such as databases, etc. If the script requires a
database to demonstrate the issue, please make sure it creates
all necessary tables, stored procedures etc.
Please avoid embedding huge scripts into the report.
------------------------------------------------------------------------
[2009-04-23 16:51:26] myselfasunder at gmail dot com
Description:
------------
I have set the following:
session_name('GOLDENCOLLECTION');
session_set_cookie_params(86400 * 3);
ini_set('session.use_only_cookies', '1');
ini_set('session.gc_maxlifetime', 86400 * 3);
I can load the same page many times successfully. However, if I wait a
while, around twenty minutes, the session's members are no longer
available.
This is the first time I've used cookies to carry the SID (instead of
putting them in the URL).
I have administrative control of the system.
Reproduce code:
---------------
session_start();
Expected result:
----------------
The session should be started and all preexisting members should be
available. They -does- happen, but until only around twenty or thirty
minutes have elapsed, and then they'll be gone.
Actual result:
--------------
They'll disappear without me doing anything.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=48063&edit=1
