sessions failing...

sneakyimp

hi:

i'm using $_SESSION to store variables for users that have logged in for a simple content management system. i understand from my client that dialup customers are unable to log in at all...and i was doing some rather intensive work yesterday and i kept getting logged out as i was working--or perhaps not logged out, maybe the session info was just disappearing.

what might cause this? are my sessions timing out so quickly even though i'm rifling through many pages? will frames have any impact on a session? for the dialup people might the dynamic IP situation jeopardize my sessions.

should i use COOKIES instead?

I checked PHP info and got this info about my session configurations:

Session Support enabled

Registered save handlers files user

Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path /tmp /tmp
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid On On

planetsim

Well it can depend. Usually something like this will occur if the session cache_expire is quite low in this case its at a fairly average setting.

You may want to use [man]ini-set[/man] to within the script set the expire time to a much higher level.

sneakyimp

180 minutes is a very long time...and the client has further demands...they want sessions to automatically expire after 10 minutes!!!

ugh.

at any rate, i think the sessions failing is some other problem. the customers that really have this problem are dialup customers--most likely using AOL.

i believe the problem might be related to propagation of the session ID. Does anyone know precisely how this SID propagation works?

i.e.
1) read cookie for session id
2) if not session id, look in query string?

i have trans-sid enabled and also use cookies enabled. any advice about how to tackle this problem would be MUCH appreciated....if anybody knows about quirks of AOL dialup, it would be great to know.