Posted by Jim Michaels on 01/11/06 22:34

you *might* be able to try this:
ini_set(session.use_cookies="0");
before your session_start() and see if this clears things up. PHP might
give you an error though.
If I am correct, this setting affects ALL PHP users. the value is normally
"1". Be sure to set it back if things don't work out.
Jim

"Nico" <nicodenboer@yahoo.com> wrote in message
news:1132962880.983151.217130@g47g2000cwa.googlegroups.com...
> Hi,
>
> It seems I have a nasty problem. My website uses SSL and sessions.
> Authentication works fine, based on code like:
>
> session_cache_expire($this->sessionValidity);
> session_start();
> if (isset($_SESSION["id"]))
> {
> $this->sessionId = $_SESSION["id"];
> }
> else
> {
> $_SESSION["id"] = session_id();
> $this->sessionId = session_id();
> }
> session_write_close();
>
> However, for some strange reason, there are a few users who have
> troubles with lost session info. It means that a PHP cookie is stored
> on their PC, the information is returned to the webserver, but it
> doesn't match the original created session ID. The result; these users
> can never even login. We have tested with disabled firewalls and virus
> scanners (client side), but no effect. We have tested with sending a
> session ID via setcookie(), but again the session is not preserved in
> this specific situations.
>
> Server side we use PHP 4.3, client side the users have MS IE 6.0 SP2 or
> FireFox 1.0.7.
>
> Does anyone has an idea how to solve this ?
>
> Nico
>

[Back to original message]