Posted by Nico on 11/26/05 01:54

Hi,

It seems I have a nasty problem. My website uses SSL and sessions.
Authentication works fine, based on code like:

session_cache_expire($this->sessionValidity);
session_start();
if (isset($_SESSION["id"]))
{
$this->sessionId = $_SESSION["id"];
}
else
{
$_SESSION["id"] = session_id();
$this->sessionId = session_id();
}
session_write_close();

However, for some strange reason, there are a few users who have
troubles with lost session info. It means that a PHP cookie is stored
on their PC, the information is returned to the webserver, but it
doesn't match the original created session ID. The result; these users
can never even login. We have tested with disabled firewalls and virus
scanners (client side), but no effect. We have tested with sending a
session ID via setcookie(), but again the session is not preserved in
this specific situations.

Server side we use PHP 4.3, client side the users have MS IE 6.0 SP2 or
FireFox 1.0.7.

Does anyone has an idea how to solve this ?

Nico

• Next in forum: how to install php MySQL on server
• Prev in forum: Re: Secure PHPMYADMIN (accessible only by LAN)
• Thread view: session information at *some* clients lost

[Reply to this message]