Losing session variables

OwenTheSamoan

I'm having a little bit of a problem with using sessions. I have created a website using php and mysql. This site is interactive with about 700 members. I am using sessions instead of cookies. At the top of each page I have start_session(); and where necessary I register the sessions. My problem is this. At times everything works fine other times it seems that the session variable is being lost for no reason. I don't know much about sessions, but I do believe that the session variables are being stored on a remote server that I am using(someone else is hosting my site). It seems that the session variables are being lost regardless if the user is idle or not on the site. How can I prevent this? Will storing the session variable in a table in my database help? Will using a cookie in conjunction with the session help? I appreciate any advice anyone may have.

thanks.

sijis

i personally think that using a combination of sessions and cookies always seems to work.
for example, its not insecure the use a cookie to store a username, but (obviously) not a password. so when the user gets to your site, the 'site' recognizes the user (based on the cookie). after you've verified that user, you could add a session to 'tell' the 'site' that this user is valid and allow the user to access 'member only' pages or whatever.

now back to your question......
could it be that 1 particular file is causing the problem? maybe it doesn't have session_start() on that page or a session is misspelled. You could alternatively store some information in the mysql db (and maybe in combo with my spiel above).
you must also remember that the session is active as long as the user is active. (i'm not sure of the session active time though, could be 10 min), so if a user is reading a document and it takes him/her over 10 min to read and he/she tried to get to another page on your site, that session would have expired, even though the user was still 'active'.... follow what i'm saying?
i obviously could be slighly wrong, but that's my view on sessions, mysql and cookies. 🙂

hope that helps.

OwenTheSamoan

Thanks for getting back to me. I believe that using a cookie with the users identity would help. How do you go about doing this?

sijis

instead of putting the username in a session just put it in a cookie.

instead of this:

$SESSION['uesrname'] = $POST['username'];

it'll be something like this:

setcookie ("username", "", time() - 3600, "/", ".domain.com", 1);
then on the next page, you'll be able to do this:

echo $_COOKIE['username']; // prints out the username

here the documentation on setcookie function. look at the user examples too.
http://www.php.net/manual/en/function.setcookie.php

OwenTheSamoan

thanks for the help!