php - When refreshing the page,cause session variables to be cleared -

why in reloading page $_session variables re-sets again?!

  if (isset($_session['last_activity']) && ((time() - $_session['last_activity']) > 1800))              {                 // last request more 30 minutes ago                 session_unset();                      session_destroy();                }             $_session['last_activity'] = time(); if (!isset($_session['created'])) {             $_session['created'] = time();             } else if (time() - $_session['created'] > 1800) {                 // session started more 30 minutes ago                 session_regenerate_id(true);    // change session id current session , invalidate old session id                 $_session['created'] = time();  // update creation time             }

is code wrong?
in php.ini

session.cache_expire = 180     session.use_cookies = 0     session.use_only_cookies = 0    session.auto_start = 0     session.gc_maxlifetime = 1440    session.cache_expire = 180

i have session_start() @ top of page
var_dump($_session) in page results deferent $_session values !!

array (size=2)     'last_activity' => int 1472457503     'created' => int 1472457503

refreshing again !

array (size=2)   'last_activity' => int 1472459001   'created' => int 1472459001

the last_activity normal when changes
why 'created' changed!!??

my problem session.use_cookies = 0 i.e session disabled use cookies.
because session uses cookies save sid .

so if cookies disabled , session.use_trans_sid 0 in php.ini page reload session_start() generates new session.

cookies may disable server side session.use_cookies = 0 or with user browser settings.

then how use sessions without cookies ?!

session work when cookies disabled. first apache check php configuration settings. like:

  --enable-trans-sid ,    --enable-track-vars

if these value set true session passed post automatically.

if "--enable-trans-sid" , "--enable-track-vars" values set false, need pass session id using sid constant.

< href="index.php?<?= sid ?>" >navigate here< /a >

need set php.ini

ini_set("session.use_cookies", 0); ini_set("session.use_trans_sid", 1);

notice : trans sid support disabled default in php. use of trans sid may risk users security. use option caution.user may send url contains active session id other person via email/irc/etc url contains active session id may stored in publically accessible computer user may access site same session id using url stored in browser's history or bookmarks.
more detial : session.use_trans_sid

Search This Blog

Facebook Talkie

php - When refreshing the page,cause session variables to be cleared -

Comments

Post a Comment

Popular posts from this blog

delphi - How to make a proper alternate row color on a filtered TVirtualStringTree -

amazon web services - S3 Pre-signed POST validate file type? -

c# - Check Keyboard Input Winforms -