Notice (8): session_start() at CakePHP 2.2

Question

Randomly, from time to time, when i load a page it shows this error:

Notice (8): session_start(): ps_files_cleanup_dir: opendir(C:\Windows\TEMP) failed: No such file or directory (2) [CORE\Cake\Model\Datasource\CakeSession.php, line 615]

Im using CakePHP 2.2. What is going on here??

Answer 1

There is a session garbage collector in PHP that has a probability of executing whenever a PHP site is accessed. This is defined in php.ini by:

session.gc_probability
session.gc_divisor
session.gc_maxlifetime
session.save_path

http://www.php.net/manual/en/session.configuration.php

You have a gc_probability/gc_divisor chance that the sess_<PHPSESSID> files located in the save_path are deleted if they are older than gc_maxlifetime.

By default session.save_path is set to C:\Windows\Temp on Windows servers. I would suspect this almost always exists.

You need to give whatever account is executing the PHP script (IUSR by default if we're talking IIS) the "List folder" privilege under Advanced Security. This privilege is used by PHP to list the files in C:\Windows\Temp (or whatever location you have configured) to determine the actual names of the sess_<PHPSESSID> that it needs to parse through. It'll then go through each one of these files and if the modified date is older than maxlifetime it will delete the file. It has all the permissions it needs by default except list folders. Strangely enough IIS_IUSRS (a group used for application pools I believe) is granted this privilege, but not IUSR.

If you're curious IUSR is able to create those sess_<PHPSESSID> files because "Users" is granted the traverse folder permission and create file permission (it never does a list operation up to this point). It appears that IUSR is an unspoken member of either Authenticated Users or the Users group from testing performed here. There's also a special "CREATOR OWNER" permission set that gives owners full permissions of the files they create. This is where IUSR gets the privilege to actually delete the file. It's a bit convoluted but the only thing you should have to worry about is 'List folder'.