Welcome to WebmasterWorld Guest from 54.162.117.84

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

Session cookie expiring too early

     
3:08 pm on May 7, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:Dec 13, 2009
posts: 945
votes: 0


Hey guys,

Got a bit of an issue on the system I'm developing, with session cookies being prematurely dropped, despite being explicitly told to last for 12 hours.

Other cookies I'm setting are lasting their designated 14 days.

The browser in question is Firefox (internal system, we're all using FF 19+)

In the base include file, I have the following lines to initialize the session:
if(php_sapi_name() !== 'cli') {
if(!isset($_SESSION)) {
session_set_cookie_params(43200);
session_start();
}
}
[uk3.php.net ]

And in the Web Developer Toolbar cookie viewer it is being shown as:
Name  PHPSESSID 
Valued 9hgs8ekjo2g2oeen0pvq2a630
Host [[HIDDEN]].co.uk
Path /
Expires Wed, 08 May 2013 03:20:34 GMT
Secure No
HttpOnly No

Note that the "Expires" there is 12 hours after the last time I performed an action on the site

I've dug through the about:config settings, and made the following changes, which when rolled out fixed it for several users (myself included), but several people are still experiencing the issue:
network.cookie.alwaysAcceptSessionCookies;true
privacy.clearOnShutdown.cookies;false
services.sync.prefs.sync.privacy.clearOnShutdown.cookies;false

And despite much Googling and quizzing my colleagues, I'm all out of ideas for what to do.

So, I'm *really* hoping one of you guys might have some insight as to why this is happening, and how to go about fixing it.

Thanks in advance,

Mike
7:51 pm on May 7, 2013 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:13210
votes: 347


session cookies being prematurely dropped, despite being explicitly told to last for 12 hours

It's either a session cookie or a cookie with an explicit duration time. Which is it?

I've come to grief a few times through giving times in minutes when the system expected seconds or vice versa ("Whoops! Why is this cookie set to expire in 2028?")
8:35 pm on May 7, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:Dec 13, 2009
posts:945
votes: 0


I used the wrong terminology there, sorry - I mean the cookie with a reference to the PHP session is being dropped prematurely.
11:07 pm on May 7, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member drdoc is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 15, 2002
posts:6807
votes: 0


Is session_set_cookie_params always called, whether the session already exists or not, prior to calling session_start?
7:06 am on May 8, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:Dec 13, 2009
posts:945
votes: 0


Yes
11:34 am on May 18, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:Dec 13, 2009
posts:945
votes: 0


Just to let peeps know: It turned out that the php.ini setting session.gc_maxlifetime was set really low. Problem solved, users are now finding other things to complain about :)