Session variables disappear (some of them only)

This is a discussion on Session variables disappear (some of them only) within the PHP General forums, part of the PHP Programming Forums category; Hi ! I have a very weird issue since the last Apache upgrade (-> 2.2.8-r3, a month ago), ...


Go Back   Usenet Forums > PHP Programming Forums > PHP General

Reload this Page Session variables disappear (some of them only)

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 07-02-2008
karma
 
Posts: n/a
Default Session variables disappear (some of them only)

Hi !

I have a very weird issue since the last Apache upgrade (-> 2.2.8-r3, a month ago), but I'm not sure it is related (well, I'm
pretty sure it's not).

Like many people, I've written an application that use PHP session variables, like $_SESSION["my_variable"].

Sometimes (it doesn't happen all the time), _some_ of these variables are not written in the session file and they are lost
after a simple header("Location:...); (same domain). The session file is in the right directory (permissions are fine), but some
of my variables are missing.

The facts :
- Apache 2.2.9 + PHP 5.2.6_rc4 running on a Gentoo (up-to-date)
- all my scripts begin with session_start(). I've tried to add session_write_close() before every header(Location:...) call, it
doesn't help.
- I didn't change anything in my program (it has been running just fine for 2 years), it just began to fail from time to time (I
would say 10 times a day). There is no hidden unset() function : it would fail for everyone.
- these variables are all set correctly, and they don't have reserved names.
- only a few variables disappear, but they are always the same ones (could it depend on their position in the session file ?!?)
- the session files are very small (max 100ko)
- it seems that it doesn't depend on the browser, but IE6 and IE7 seem to be the most affected ones (it may be because my users
mostly use these browsers).
- I can't reproduce this issue from my local network (any OS/browser - it would be too easy :)
- reverting to the previous stable Apache and/or PHP versions doesn't help.
- I didn't change any php.ini directive.

Any idea ?

Thanks !


PS: if you need more details, just ask. The only thing I can't do is pasting the code : the scripts are quite huge.
Reply With Quote
  #2 (permalink)  
Old 07-06-2008
Fabrice VIGNALS
 
Posts: n/a
Default Re: Session variables disappear (some of them only)
Difficult to help you because there are many method of session :
- where do you store the sessions_variables : in local file, db or cookie ?
- how you transmit the session id, beetween pages(runtimes) : cookie, $GET
link, database ?


Did you check the availability of user cookie if you use it ?
Because if in each page of your application you define a session variable
it's sure it will be every time here.
But the problem of session it's to transmit its ID between different pages,
or session will be reset.
If a user don't authorised cookie you must transmit the session id by db
storage or $Get link.

Also I don't see, a php modification during the last upgrades to explain
that's kind of session problem.




"karma" <cb@dpt-info.u-strasbg.fr> a écrit dans le message de
news:E2.4C.10269.7542B684@pb1.pair.com...
>
> Hi !
>
> I have a very weird issue since the last Apache upgrade (-> 2.2.8-r3, a
> month ago), but I'm not sure it is related (well, I'm pretty sure it's
> not).
>
> Like many people, I've written an application that use PHP session
> variables, like $_SESSION["my_variable"].
>
> Sometimes (it doesn't happen all the time), _some_ of these variables are
> not written in the session file and they are lost after a simple
> header("Location:...); (same domain). The session file is in the right
> directory (permissions are fine), but some of my variables are missing.
>
> The facts :
> - Apache 2.2.9 + PHP 5.2.6_rc4 running on a Gentoo (up-to-date)
> - all my scripts begin with session_start(). I've tried to add
> session_write_close() before every header(Location:...) call, it doesn't
> help.
> - I didn't change anything in my program (it has been running just fine
> for 2 years), it just began to fail from time to time (I would say 10
> times a day). There is no hidden unset() function : it would fail for
> everyone.
> - these variables are all set correctly, and they don't have reserved
> names.
> - only a few variables disappear, but they are always the same ones (could
> it depend on their position in the session file ?!?)
> - the session files are very small (max 100ko)
> - it seems that it doesn't depend on the browser, but IE6 and IE7 seem to
> be the most affected ones (it may be because my users mostly use these
> browsers).
> - I can't reproduce this issue from my local network (any OS/browser - it
> would be too easy :)
> - reverting to the previous stable Apache and/or PHP versions doesn't
> help.
> - I didn't change any php.ini directive.
>
> Any idea ?
>
> Thanks !
>
>
> PS: if you need more details, just ask. The only thing I can't do is
> pasting the code : the scripts are quite huge.

Reply With Quote
  #3 (permalink)  
Old 07-06-2008
tedd
 
Posts: n/a
Default [PHP] Re: Session variables disappear (some of them only)
At 1:48 PM +0200 7/6/08, Fabrice VIGNALS wrote:
>Difficult to help you because there are many method of session :
>- where do you store the sessions_variables : in local file, db or cookie ?
>- how you transmit the session id, beetween
>pages(runtimes) : cookie, $GET link, database ?
>
>
>Did you check the availability of user cookie if you use it ?
>Because if in each page of your application you
>define a session variable it's sure it will be
>every time here.
>But the problem of session it's to transmit its
>ID between different pages, or session will be
>reset.
>If a user don't authorised cookie you must
>transmit the session id by db storage or $Get
>link.
>
>Also I don't see, a php modification during the
>last upgrades to explain that's kind of session
>problem.
>
>
>
>
>"karma" <cb@dpt-info.u-strasbg.fr> a écrit dans
>le message de
>news:E2.4C.10269.7542B684@pb1.pair.com...
>>
>>Hi !
>>
>>I have a very weird issue since the last Apache
>>upgrade (-> 2.2.8-r3, a month ago), but I'm not
>>sure it is related (well, I'm pretty sure it's
>>not).
>>
>>Like many people, I've written an application
>>that use PHP session variables, like
>>$_SESSION["my_variable"].
>>
>>Sometimes (it doesn't happen all the time),
>>_some_ of these variables are not written in
>>the session file and they are lost after a
>>simple header("Location:...); (same domain).
>>The session file is in the right directory
>>(permissions are fine), but some of my
>>variables are missing.
>>
>>The facts :
>>- Apache 2.2.9 + PHP 5.2.6_rc4 running on a Gentoo (up-to-date)
>>- all my scripts begin with session_start().
>>I've tried to add session_write_close() before
>>every header(Location:...) call, it doesn't
>>help.
>>- I didn't change anything in my program (it
>>has been running just fine for 2 years), it
>>just began to fail from time to time (I would
>>say 10 times a day). There is no hidden unset()
>>function : it would fail for everyone.
>>- these variables are all set correctly, and they don't have reserved names.
>>- only a few variables disappear, but they are
>>always the same ones (could it depend on their
>>position in the session file ?!?)
>>- the session files are very small (max 100ko)
>>- it seems that it doesn't depend on the
>>browser, but IE6 and IE7 seem to be the most
>>affected ones (it may be because my users
>>mostly use these browsers).
>>- I can't reproduce this issue from my local
>>network (any OS/browser - it would be too easy
>>:)
>>- reverting to the previous stable Apache and/or PHP versions doesn't help.
>>- I didn't change any php.ini directive.
>>
>>Any idea ?
>>
>>Thanks !

If it's any comfort, I had a similar problem
sending session variables from a script in a
httpdocs directory to a script in a httpsdocs.
Some of the variables made it and some didn't. It
was very confusing. The client had php 4.3.1
installed, if that's any help.

I never did find out what the problem was and I
finally passed everything via a POST.

Cheers,

tedd

--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
Reply With Quote
  #4 (permalink)  
Old 07-07-2008
karma
 
Posts: n/a
Default Re: Session variables disappear (some of them only)

Hi,

Ted & Fabrice, thanks for your answers.

Sessions variables are only stored in a local file. The dir permissions are ok, and I've tried to store these files in another
dir (/var/tmp/php) just to check.

The session id is transmitted via cookies only :

session.use_cookies = 1
session.use_only_cookies = 1 <== I've tried with 0 and 1
session.auto_start = 0
session.cookie_lifetime = 0

I guess the Session ID is correctly transmitted because the errors doesn't occur on the first 2 scripts. First, the login page
requires cookies to be enabled, and this step is ok. Then the user has tochoose something in a menu, this step is fine too :
some variables are set according to the user choice and the user is redirected to the 3rd script. The errors occur on this one.

Between the 2nd and 3rd scripts, variables are created from a database query : it _can't_ fail and the results are cheched : no
possible mistake here. I use this kind of method :

- the user chooses some "$id" (type and value tested, ok), then :

$res=pg_query($dbr, "select a, b, c, ..., from table where table_id='$id'");

if(pg_num_rows($res))
{
list($_SESSION["a"], $_SESSION["b"], $_SESSION["c"], ...)=pg_fetch_row($res, 0);

pg_free_result($res);
header("Location:my_third_script.php");
exit();
}

Then the errors sometimes occur in my apache2/ssl_error_log (undefined index in $_SESSION variable). When I check the
sess_12345789... file, some of the variables are missing : $_SESSION["a"]and ["b"] are there, but not $_SESSION["c"], even an
empty one, it is just gone. That's all I know.

I would like to try to store my sessions variables in the main database, but it is quite difficult since the application is
currently used by many people. I'll also have to upgrade a lot of scripts(a bit time consuming) to test this solution...


Regards,

C.


Fabrice VIGNALS a écrit :
> Difficult to help you because there are many method of session :
> - where do you store the sessions_variables : in local file, db or cookie ?
> - how you transmit the session id, beetween pages(runtimes) : cookie,
> $GET link, database ?
>
>
> Did you check the availability of user cookie if you use it ?
> Because if in each page of your application you define a session
> variable it's sure it will be every time here.
> But the problem of session it's to transmit its ID between different
> pages, or session will be reset.
> If a user don't authorised cookie you must transmit the session id by db
> storage or $Get link.
>
> Also I don't see, a php modification during the last upgrades to explain
> that's kind of session problem.
>
>
>
>
> "karma" <cb@dpt-info.u-strasbg.fr> a écrit dans le message de
> news:E2.4C.10269.7542B684@pb1.pair.com...
>>
>> Hi !
>>
>> I have a very weird issue since the last Apache upgrade (-> 2.2.8-r3,
>> a month ago), but I'm not sure it is related (well, I'm pretty sure
>> it's not).
>>
>> Like many people, I've written an application that use PHP session
>> variables, like $_SESSION["my_variable"].
>>
>> Sometimes (it doesn't happen all the time), _some_ of these variables
>> are not written in the session file and they are lost after a simple
>> header("Location:...); (same domain). The session file is in the right
>> directory (permissions are fine), but some of my variables are missing.
>>
>> The facts :
>> - Apache 2.2.9 + PHP 5.2.6_rc4 running on a Gentoo (up-to-date)
>> - all my scripts begin with session_start(). I've tried to add
>> session_write_close() before every header(Location:...) call, it
>> doesn't help.
>> - I didn't change anything in my program (it has been running just
>> fine for 2 years), it just began to fail from time to time (I would
>> say 10 times a day). There is no hidden unset() function : it would
>> fail for everyone.
>> - these variables are all set correctly, and they don't have reserved
>> names.
>> - only a few variables disappear, but they are always the same ones
>> (could it depend on their position in the session file ?!?)
>> - the session files are very small (max 100ko)
>> - it seems that it doesn't depend on the browser, but IE6 and IE7 seem
>> to be the most affected ones (it may be because my users mostly use
>> these browsers).
>> - I can't reproduce this issue from my local network (any OS/browser -
>> it would be too easy :)
>> - reverting to the previous stable Apache and/or PHP versions doesn't
>> help.
>> - I didn't change any php.ini directive.
>>
>> Any idea ?
>>
>> Thanks !
>>
>>
>> PS: if you need more details, just ask. The only thing I can't do is
>> pasting the code : the scripts are quite huge.
>

Reply With Quote
  #5 (permalink)  
Old 07-07-2008
Chris
 
Posts: n/a
Default Re: [PHP] Re: Session variables disappear (some of them only)
> Then the errors sometimes occur in my apache2/ssl_error_log (undefined
> index in $_SESSION variable). When I check the sess_12345789... file,
> some of the variables are missing : $_SESSION["a"] and ["b"] are there,
> but not $_SESSION["c"], even an empty one, it is just gone. That's all I
> know.

Sounds like for those situations, the user doesn't have one of the
options set (the database is returning a null value).

Check that by matching up whatever 'a' and 'b' are with what's in the
database.

--
Postgresql & php tutorials
http://www.designmagick.com/
Reply With Quote
  #6 (permalink)  
Old 07-07-2008
Shawn McKenzie
 
Posts: n/a
Default Re: Session variables disappear (some of them only)
karma wrote:
>
> Hi,
>
> Ted & Fabrice, thanks for your answers.
>
> Sessions variables are only stored in a local file. The dir permissions
> are ok, and I've tried to store these files in another dir
> (/var/tmp/php) just to check.
>
> The session id is transmitted via cookies only :
>
> session.use_cookies = 1
> session.use_only_cookies = 1 <== I've tried with 0 and 1
> session.auto_start = 0
> session.cookie_lifetime = 0
>
> I guess the Session ID is correctly transmitted because the errors
> doesn't occur on the first 2 scripts. First, the login page requires
> cookies to be enabled, and this step is ok. Then the user has to choose
> something in a menu, this step is fine too : some variables are set
> according to the user choice and the user is redirected to the 3rd
> script. The errors occur on this one.
>
> Between the 2nd and 3rd scripts, variables are created from a database
> query : it _can't_ fail and the results are cheched : no possible
> mistake here. I use this kind of method :
>
> - the user chooses some "$id" (type and value tested, ok), then :
>
> $res=pg_query($dbr, "select a, b, c, ..., from table where
> table_id='$id'");
>
> if(pg_num_rows($res))
> {
> list($_SESSION["a"], $_SESSION["b"], $_SESSION["c"],
> ...)=pg_fetch_row($res, 0);
>
> pg_free_result($res);
> header("Location:my_third_script.php");
> exit();
> }
>
> Then the errors sometimes occur in my apache2/ssl_error_log (undefined
> index in $_SESSION variable). When I check the sess_12345789... file,
> some of the variables are missing : $_SESSION["a"] and ["b"] are there,
> but not $_SESSION["c"], even an empty one, it is just gone. That's all I
> know.
>
> I would like to try to store my sessions variables in the main database,
> but it is quite difficult since the application is currently used by
> many people. I'll also have to upgrade a lot of scripts (a bit time
> consuming) to test this solution...
>
>
> Regards,
>
> C.
>
>
> Fabrice VIGNALS a écrit :
>> Difficult to help you because there are many method of session :
>> - where do you store the sessions_variables : in local file, db or
>> cookie ?
>> - how you transmit the session id, beetween pages(runtimes) : cookie,
>> $GET link, database ?
>>
>>
>> Did you check the availability of user cookie if you use it ?
>> Because if in each page of your application you define a session
>> variable it's sure it will be every time here.
>> But the problem of session it's to transmit its ID between different
>> pages, or session will be reset.
>> If a user don't authorised cookie you must transmit the session id by
>> db storage or $Get link.
>>
>> Also I don't see, a php modification during the last upgrades to
>> explain that's kind of session problem.
>>
>>
>>
>>
>> "karma" <cb@dpt-info.u-strasbg.fr> a écrit dans le message de
>> news:E2.4C.10269.7542B684@pb1.pair.com...
>>>
>>> Hi !
>>>
>>> I have a very weird issue since the last Apache upgrade (-> 2.2.8-r3,
>>> a month ago), but I'm not sure it is related (well, I'm pretty sure
>>> it's not).
>>>
>>> Like many people, I've written an application that use PHP session
>>> variables, like $_SESSION["my_variable"].
>>>
>>> Sometimes (it doesn't happen all the time), _some_ of these variables
>>> are not written in the session file and they are lost after a simple
>>> header("Location:...); (same domain). The session file is in the
>>> right directory (permissions are fine), but some of my variables are
>>> missing.
>>>
>>> The facts :
>>> - Apache 2.2.9 + PHP 5.2.6_rc4 running on a Gentoo (up-to-date)
>>> - all my scripts begin with session_start(). I've tried to add
>>> session_write_close() before every header(Location:...) call, it
>>> doesn't help.
>>> - I didn't change anything in my program (it has been running just
>>> fine for 2 years), it just began to fail from time to time (I would
>>> say 10 times a day). There is no hidden unset() function : it would
>>> fail for everyone.
>>> - these variables are all set correctly, and they don't have reserved
>>> names.
>>> - only a few variables disappear, but they are always the same ones
>>> (could it depend on their position in the session file ?!?)
>>> - the session files are very small (max 100ko)
>>> - it seems that it doesn't depend on the browser, but IE6 and IE7
>>> seem to be the most affected ones (it may be because my users mostly
>>> use these browsers).
>>> - I can't reproduce this issue from my local network (any OS/browser
>>> - it would be too easy :)
>>> - reverting to the previous stable Apache and/or PHP versions doesn't
>>> help.
>>> - I didn't change any php.ini directive.
>>>
>>> Any idea ?
>>>
>>> Thanks !
>>>
>>>
>>> PS: if you need more details, just ask. The only thing I can't do is
>>> pasting the code : the scripts are quite huge.
>>
>
http://us.php.net/manual/en/function.header.php

Note: Session ID is not passed with Location header even if
session.use_trans_sid is enabled. It must by passed manually using SID
constant.

-Shawn
Reply With Quote
  #7 (permalink)  
Old 07-07-2008
Shawn McKenzie
 
Posts: n/a
Default Re: Session variables disappear (some of them only)
karma wrote:
>
> Hi,
>
> Ted & Fabrice, thanks for your answers.
>
> Sessions variables are only stored in a local file. The dir permissions
> are ok, and I've tried to store these files in another dir
> (/var/tmp/php) just to check.
>
> The session id is transmitted via cookies only :
>
> session.use_cookies = 1
> session.use_only_cookies = 1 <== I've tried with 0 and 1
> session.auto_start = 0
> session.cookie_lifetime = 0
>
> I guess the Session ID is correctly transmitted because the errors
> doesn't occur on the first 2 scripts. First, the login page requires
> cookies to be enabled, and this step is ok. Then the user has to choose
> something in a menu, this step is fine too : some variables are set
> according to the user choice and the user is redirected to the 3rd
> script. The errors occur on this one.
>
> Between the 2nd and 3rd scripts, variables are created from a database
> query : it _can't_ fail and the results are cheched : no possible
> mistake here. I use this kind of method :
>
> - the user chooses some "$id" (type and value tested, ok), then :
>
> $res=pg_query($dbr, "select a, b, c, ..., from table where
> table_id='$id'");
>
> if(pg_num_rows($res))
> {
> list($_SESSION["a"], $_SESSION["b"], $_SESSION["c"],
> ...)=pg_fetch_row($res, 0);
>
> pg_free_result($res);
> header("Location:my_third_script.php");
> exit();
> }
>
> Then the errors sometimes occur in my apache2/ssl_error_log (undefined
> index in $_SESSION variable). When I check the sess_12345789... file,
> some of the variables are missing : $_SESSION["a"] and ["b"] are there,
> but not $_SESSION["c"], even an empty one, it is just gone. That's all I
> know.
>
> I would like to try to store my sessions variables in the main database,
> but it is quite difficult since the application is currently used by
> many people. I'll also have to upgrade a lot of scripts (a bit time
> consuming) to test this solution...
>
>
> Regards,
>
> C.
>
>
> Fabrice VIGNALS a écrit :
>> Difficult to help you because there are many method of session :
>> - where do you store the sessions_variables : in local file, db or
>> cookie ?
>> - how you transmit the session id, beetween pages(runtimes) : cookie,
>> $GET link, database ?
>>
>>
>> Did you check the availability of user cookie if you use it ?
>> Because if in each page of your application you define a session
>> variable it's sure it will be every time here.
>> But the problem of session it's to transmit its ID between different
>> pages, or session will be reset.
>> If a user don't authorised cookie you must transmit the session id by
>> db storage or $Get link.
>>
>> Also I don't see, a php modification during the last upgrades to
>> explain that's kind of session problem.
>>
>>
>>
>>
>> "karma" <cb@dpt-info.u-strasbg.fr> a écrit dans le message de
>> news:E2.4C.10269.7542B684@pb1.pair.com...
>>>
>>> Hi !
>>>
>>> I have a very weird issue since the last Apache upgrade (-> 2.2.8-r3,
>>> a month ago), but I'm not sure it is related (well, I'm pretty sure
>>> it's not).
>>>
>>> Like many people, I've written an application that use PHP session
>>> variables, like $_SESSION["my_variable"].
>>>
>>> Sometimes (it doesn't happen all the time), _some_ of these variables
>>> are not written in the session file and they are lost after a simple
>>> header("Location:...); (same domain). The session file is in the
>>> right directory (permissions are fine), but some of my variables are
>>> missing.
>>>
>>> The facts :
>>> - Apache 2.2.9 + PHP 5.2.6_rc4 running on a Gentoo (up-to-date)
>>> - all my scripts begin with session_start(). I've tried to add
>>> session_write_close() before every header(Location:...) call, it
>>> doesn't help.
>>> - I didn't change anything in my program (it has been running just
>>> fine for 2 years), it just began to fail from time to time (I would
>>> say 10 times a day). There is no hidden unset() function : it would
>>> fail for everyone.
>>> - these variables are all set correctly, and they don't have reserved
>>> names.
>>> - only a few variables disappear, but they are always the same ones
>>> (could it depend on their position in the session file ?!?)
>>> - the session files are very small (max 100ko)
>>> - it seems that it doesn't depend on the browser, but IE6 and IE7
>>> seem to be the most affected ones (it may be because my users mostly
>>> use these browsers).
>>> - I can't reproduce this issue from my local network (any OS/browser
>>> - it would be too easy :)
>>> - reverting to the previous stable Apache and/or PHP versions doesn't
>>> help.
>>> - I didn't change any php.ini directive.
>>>
>>> Any idea ?
>>>
>>> Thanks !
>>>
>>>
>>> PS: if you need more details, just ask. The only thing I can't do is
>>> pasting the code : the scripts are quite huge.
>>
>

Also:

Note: HTTP/1.1 requires an absolute URI as argument to » Location:
including the scheme, hostname and absolute path.

-Shawn
Reply With Quote
  #8 (permalink)  
Old 07-08-2008
karma
 
Posts: n/a
Default Re: Session variables disappear (some of them only)

You're absolutely right, but the problem is not about how the SID is passed between the scripts, it is more about why some
variables are written in the session file while others are not, even whenthese variables are created within the same script at
the same time. If the SID was not correctly passed, it wouldn't find any other variables. I also wonder why this randomly
happens ...

I agree about the HTML/1.1 specs, I'm just a bit lazy ;)

K.


Shawn McKenzie a écrit :

> http://us.php.net/manual/en/function.header.php
>
> Note: Session ID is not passed with Location header even if
> session.use_trans_sid is enabled. It must by passed manually using SID
> constant.
>
> -Shawn

Reply With Quote
  #9 (permalink)  
Old 07-08-2008
mrclay
 
Posts: n/a
Default Re: Session variables disappear (some of them only)
On Jul 7, 11:09*am, nos...@mckenzies.net (Shawn McKenzie) wrote:
> Note: Session ID is not passed with Location header even if
> session.use_trans_sid is enabled. It must by passed manually using SID
> constant.

If you're using only cookies to maintain session ID (good) and your
Location: URI is on the same host, you do not and should not put the
SID in the URI. "Location: " triggers a standard GET request, with
which the browser sends all the appropriate cookies including your
session id.

Steve
Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 12:08 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0