Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Zend Framework - session id regenerated, can't stay logged in [duplicate]

I'm trying to store sessions in a database using Zend Sessions however for some reason my sessions die out. Im not sure if there's some code being executed which does this or whether its something else.

I've noticed that the session ID seems to be regenerated after a breif time after having logged in.

This is even despite having added the following line in my htaccess file:

php_value session.auto_start 0

The end result is that I'm logged out every minute I'm logged in.

Heres my code in my bootstrap file

$config = array(
    'name'           => 'session',
    'primary'        => 'id',
    'modifiedColumn' => 'modified',
    'dataColumn'     => 'data',
    'lifetimeColumn' => 'lifetime'
);


$saveHandler = new Zend_Session_SaveHandler_DbTable($config);
Zend_Session::rememberMe($seconds = (60 * 60 * 24 * 30)); 

$saveHandler->setLifetime($seconds)->setOverrideLifetime(true); 

Zend_Session::setSaveHandler($saveHandler);
//start your session!
Zend_Session::start();

I'm not using any other session related function except perhaps for Zend_Auth when logging in.

Infact rememberme calls the regenerateID function of the Session class - the end result is that I'm constantly logged out every few minutes now.

like image 364
Ali Avatar asked May 11 '11 11:05

Ali


3 Answers

I think that you might be having this problem because you're calling rememberMe BEFORE starting the session.

You have to start the session first otherwise rememberMe won't do anything since it needs a session to set the rememberMe time on.

rememberMe calls the regenerateId function and the regeneration of the Id is what really needs the session to exist.

Place the rememberMe call after the session start then see how that works for you.

If that isn't it then I don't know what it could be since my code looks similar to yours.

like image 191
Jerry Saravia Avatar answered Nov 13 '22 19:11

Jerry Saravia


Have you tried something like this?

protected function _initSession() {
    $config = array(
        'name'  => 'session',
        'primary'  => 'id',
        'modifiedColumn' => 'modified',
        'dataColumn' => 'data',
        'lifetimeColumn' => 'lifetime',
        'lifetime' => 60*60*24*30,
    );

    Zend_Session::setSaveHandler(new F_Session_SaveHandler_DbTable($config));        
}

This way the lifetime isn't set after initialising the database sessions, but is directly included in the initialisation options - it works for me, I see no reason why this should fail in your case :).

like image 5
mingos Avatar answered Nov 13 '22 20:11

mingos


I think you need to look once into following values after bootstrap code

session.gc_maxlifetime
session.cookie_lifetime
like image 2
Sandeep Manne Avatar answered Nov 13 '22 20:11

Sandeep Manne