0

So I have SessionHandler class, and my other file that put that into motion like this (cfg_session.php):

use \Classes\MySessionHandler as Sessao;

$sessao = new Sessao();

// PHP < 5.4
session_set_save_handler( 
   array($sessao, 'open'),
   array($sessao, 'close'),
   array($sessao, 'read'),
   array($sessao, 'write'),
   array($sessao, 'destroy'),
   array($sessao, 'gc')
);

register_shutdown_function('session_write_close');

session_start();

Alright, the small difference is that in my localweb I use:

session_set_save_handler($sessao)

Because, in my localweb, it is in fact PHP > 5.5.

It works perfectly fine on my localweb, I do refresh the page, log out, log in, close tabs, open tabs, log in again and everything is normal, the PHPSESSID from my browser is equal to the one created on session's file and so on.

EDIT: I have a server with PHP < 5.4, and I'm in fact, using the code above, meant to PHP < 5.4, but it is still acting weird. Refreshes the browser, it creates another session file, but does not change the PHPSESSID. The first time I try to log in, the process goes like: It creates the session file, I redirect the user to a certain page which does another request on the server, it just creates another session file totally different from the PHPSESSID and of course, the app logs me out. That's the weird part.

But then, I try to login again normally and it logs me in, just fine. Every request, has the same ID, session_regenerate_id() works fine, everything goes OK, PHPSESSID matches the session's file created.

But then, If I logout, close that tab, open a new tab and try to log in (or just close tabs without loging out) it just does the same thing: Logs me in, create a session file, but then, it changes de session_id again and kicks me out.

I'm really stuck on this. Can't be sure if this happens because of PHP < 5.4 or anything else.

Notes: - session_regenerate_id() is being used on log in, on checking if there's session (then update time and regenerateId) and on log out.

  • cfg_session.php is required once on every page that needs to use session variables.

I need some light on this. I've already seen lots of topics, but none pretty informative or close to resolve this weird behavior. Thanks in advance.

Kelwen Souza
  • 109
  • 6

3 Answers3

1

SessionHandlerInterface class are only available with 5.4.0 or greater. Your code is for PHP version 5.4.0 and above. It will certainly give weirdly stuff

Vineet1982
  • 7,730
  • 4
  • 32
  • 67
  • I edited the post, to see if I'm more clear and I think it missed information. But the thing is: I'm using a server with php less than 5.4, I'm using the code above meant to use in PHP less than 5.4, alright? But it is still acting weird. – Kelwen Souza Dec 17 '15 at 13:34
  • The feature is not available for php below 5.4 and if feature is not available then how can you use it..... – Vineet1982 Dec 17 '15 at 16:05
0

How to log coockie session time may be set_lifetime for session programmaticaly? maybe you need set session cookie options

session_set_cookie_params(3600);

http://php.net/manual/en/function.session-set-cookie-params.php

Naumov
  • 1,167
  • 9
  • 22
  • Well, your answer made me realize one thing: "ini_set('session.use_cookies', 1);". I didn't use it on server with PHP greater than 5.4, but this line solved my problem. Thanks for helping me subliminally hehe. – Kelwen Souza Dec 17 '15 at 14:22
0

Just added:

ini_set('session.use_cookies', 1);

The thing is: I wasn't using it on my localweb, but I read that the default is 1 (true) and probably, on my live server, it was set to 0. Now it works normally. Thanks.

Kelwen Souza
  • 109
  • 6