session keeps refresh for ONE client

Anon

Hi,
I'm encountering a session problem that
when I browser the same or other pages on the same site, I got different session ids.
So I have incresing session files in c:\temp.
And most of all, I can't access those session variables from page to page.

here's my php configuration about session:

register_globals = On
track_vars = On
....
....
session.save_handler = files

session.save_path =c:\temp

session.use_cookies = 1

session.name = PHPSESSID
session.auto_start = 1

session.cookie_lifetime = 300
session.cookie_path = /

session.cookie_domain =

session.serialize_handler = php

session.gc_probability = 1

session.gc_maxlifetime = 300 ;
session.referer_check =

session.entropy_length = 0

session.entropy_file =

; session.entropy_length = 16

; session.entropy_file = /dev/urandom
session.cache_limiter = nocache

session.cache_expire = 180

session.use_trans_sid = 1

[deleted]

Does your browser have cookies enabled?

Anon

Isn't that one of the main reasons for using
session instead of cookies?
I'm running a php site with session management to save and use those variables users's clients sent back to me.
I wonder why this topic have anything to do with enabled (not enabled) client's browser cookie 🙂

[deleted]

You PHP appears to be set up to store the sessionid in a cookie in the browser.
If you don't have cookies enables, and you don't send the sessionID through the URL, PHP has no way on knowing which sessionID to use, and it will create a new one.

chris_shieh

First of all,Thanks for your answers.
But I still don't get it.
Did you mean that I should have :
session.use_cookies = 0

to disable using cookie to save variable?
(the conditions still NOT changed after trying this)
And since I had turned on the trans-sid
session.use_trans_sid = 1

(transparent session id), need I pass the session id in the URL manaually?

[deleted]

Read the manual about sessions. please.

If you set session.usecookies, php will try to set a cookie that contans the session id. If your browser doesn't have cookies enables, this will obviously not work.

If you set enable-trans-id, PHP will append the session id to each and every URL it sends.

Read the manual.

rosborne

Hi,
Its ok, I know what you mean 🙂
I had a similar problem, and put a post on this forum hoping someone would be able to help...and as yet I have not had a reply 🙁

Anyway, I've solved it...well I hope so, I've been testing it for a short while now and it all seems to be working now.

Basically, the session id is not saved on the browser from page to page (and I DO have cookies enabled on my web browser). ALSO, I also appended the PHPSESSID to each url, which works fine until someone fills in an enquiry form that needs to be posted (send file).

I have now made the following change to my php.ini file and it now works...

session.referer_check = ;

Basically, remove the 1 from this setting to disable it. This may set a security risk, but I know no other way.

Hope this helps,
Richard