On Mon, Jul 21, 2008 at 11:21 AM, Jason Pruim <japruim@xxxxxxxxxx> wrote:
>
> On Jul 21, 2008, at 11:11 AM, tedd wrote:
>
>> Hi gang:
>>
>> I found the problem I was having with sessions and want to share it with
>> you -- it surprised me.
>>
>> To refresh -- I was having a problem with destroying a session. I went
>> through all the steps shown in the manual and dozens of recommended ways of
>> doing it I found on the net.
>>
>> However, I found that while I was actually destroying the session I
>> wanted, another session was being created in a very unexpected way.
>>
>> Now, the manual says:
>>
>> "session_start() creates a session or resumes the current one based on the
>> current session id that's being passed via a request, such as GET, POST, or
>> a cookie."
>>
>> From that one assumes that if you place a session_start at the beginning
>> of each page, then the first time it's encountered, a session will be
>> created and with every encounter thereafter the established session will be
>> used.
>>
>> That's the way it works PROVIDED that you do not use the following in your
>> code:
>>
>> header('Location: http://www.yourdomain.com/whatever/index.php');
>>
>> If you use that statement, then a new session will be created AND you will
>> find that you'll have two sessions working concurrently. That creates
>> several problems -- one of them being while you may destroy the first
>> session, the second will be still remain.
>>
>> Now, how many people knew this?
>>
>> Am I the only one who didn't?
>
> If what you said is true tedd... I didn't know that and it could explain
> some problems I've been having with a website... In a little bit I'll read
> through this thread and see if I can replicate the problem over on my
> server.
>
>
>
> --
>
> Jason Pruim
> Raoset Inc.
> Technology Manager
> MQC Specialist
> 11287 James St
> Holland, MI 49424
> www.raoset.com
> japruim@xxxxxxxxxx
Setting a session and then issuing a redirect should not cause. Are
you exiting immediately after you set the location header? (Or at
least calling session_write_close()?) It sounds like the client is
handling the redirect and calling the new resource before your server
has finished the process and written the session to disk.
I'm pretty sure in ASP that when you call Response.Redirect(...some
resource...) that that call automatically exits the script, but PHP
continues processing the current script (at least until the server
becomes aware that the client is no longer listening).
You could write your own redirect function that does all of this for you:
<?php
function client_redirect($redirect_url) {
// You should make sure that $redirect_url is valid
session_write_close();
// Send the Location header to redirect the client.
header("Location: $redirect_url");
// flush any existing output buffers
while (@ob_end_flush());
exit();
}
?>
Andrew
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
