More on session variables

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I wanted to see if absolute or relative URLs had anything at all to do
with the session variable information being lost.  So, I wrote a simple
test program.  It is at The
results were not what I expected.  BOTH ways lost the session information.

All this test application does is call session_name to set a name. Then
session_start.  It prints out the name and dumps the session variables.
  It has two buttons, one for absolute header path and one for relative
path.  Each is a submit butto that goes to a page where the test is made
as the the source of the click and then uses a header("Location....)
command to go to one of two different pages.  Each of those pages dumps
the session variables and the session name,  and all pages (other than
the index page described earlier) has session_start(); as the first
executable line.

What happens is that the session variables are lost and the session
names become PHPSESSID, the default.

What is wrong here?  It seems so exceedingly elementary.  I have done
this process so many times to set and later read session variables that
is has become second nature to me.  Why is it not working in this very
simple application?

Re: More on session variables

On Jul 2, 7:06=A0pm, sheldonlg <sheldonlg> wrote:
Quoted text here. Click to load it

According to the php manual:

session_start() creates a session or resumes the current one based on
the current session id that's being passed via a request, such as GET,
POST, or a cookie.

If you want to use a named session, you must call session_name()
before calling session_start().

session_start() will register internal output handler for URL
rewriting when trans-sid is enabled. If a user uses ob_gzhandler or
like with ob_start(), the order of output handler is important for
proper output. For example, user must register ob_gzhandler before
session start.

Therefore i'd assume it is because the session defaults to PHPSESSID
which is indeed blank.

Also, the php manual goes on to say:
session_name() returns the name of the current session.

The session name is reset to the default value stored in
at request startup time. Thus, you need to call session_name() for
every request (and before session_start() or session_register() are

So insert session_name(MYSESSIONNAME); as the first line in the php
files and then session_start();


Re: More on session variables wrote:
Quoted text here. Click to load it

That was it.  Thanks.  I simply commented out the session_name setting
action and it worked.  Now I **REALLY** feel stupid.

Re: More on session variables

sheldonlg wrote:
Quoted text here. Click to load it

In the past I have not used named sessions.  I would like to explore
this option in order to expand my knowledge.

Here is what I would like to do, but there seems to be a chicken and egg
situation.  I would like to name the session as $thename =
'somekindoftext' . time();  I want to do this upon entering the base
page.  Now, as I  understand it, on every page I would then have:


However, where do these pages get the value of $thename from?  Also, if
we reenter the base page where the session name is generated, does that
start a whole new session and we would lose all prior information from
the previous named session?

So, here is what I see:

in index.php:
$sessionName = 'somekindoftext' . time();

in all succeeding pages:

Re: More on session variables

Greetings, sheldonlg.
In reply to Your message dated Wednesday, July 2, 2008, 22:55:38,

Quoted text here. Click to load it

It looks you want to generate session id, not session name.
Let me explain.
session_name() - sets the NAME of the session variable that will be used to
track sessions. It is the same for all users, and session_start looking for it
to retrieve session id.
session_id() - sets the actual session identifier, representing exact user who
browsing your pages. Actual "name" of the *user*.

Quoted text here. Click to load it

That's undefined in your example, excluding some rare, monstrous variants...

Quoted text here. Click to load it

Session name should not be generated.

Quoted text here. Click to load it

Session started by calling session_start() or session_register().
Calling session_name(), session_id() does nothing on that end.

Quoted text here. Click to load it

Create a 'session.php' like:


if(!array_key_exist(session_name(), $_REQUEST))
  session_id('somekindoftext' . strval(time()));



and include it in every your file that require session handling.

I've had real use of custom session ids only once:
When I had to write CLI PHP script which were want to store some data between
runs. I've used constant session ID made from script name and version to
restart previously saved session.


Re: More on session variables

AnrDaemon wrote:
Quoted text here. Click to load it

Thanks, that makes a lot of sense.

Site Timeline