Results 1 to 2 of 2
Thread: Session management in Apache
2011-06-06, 14:12 #1
- Join Date
- Mar 2002
- Sacramento, California, USA
- Thanked 1 Time in 1 Post
Session management in Apache
I'm maintaining a web site for a small Internet service company. Scripts are written in PHP; they run under Apache on a Linux server.
My client has some needs that seem to be best met by using session variables, which naturally require sessions. I haven't worked with sessions before, and I need some advice.
I don't have problems with the mechanics of defining and using sessions. I need to know about the subtler aspects of their behavior, such as gotchas to watch out for.
I'm particularly concerned about continuity of sessions. Suppose, for example, that a user is in the middle of a session and her browser crashes, or she suffers a power outage. When she returns to the site, will the server automatically recognize her and restore the session? If not, can my script do that for her, and what is the best way to do it? Is there a reasonably graceful way to restore her to the page she was on at the time of the crash if she enters the URL of the site's home page, instead of the page she was on?
This question is kind of open ended. The items above are examples of the kind of things I need to know, but the information I really need is the information that I don't know I need to ask for!
2011-06-06, 15:48 #2
- Join Date
- Feb 2001
- Silicon Valley, USA
- Thanked 93 Times in 89 Posts
Using PHP's built-in session management, you can create a "last page request" variable or any other variable you like. But in a crash or "accidentally closed the browser" scenario...
The PHP session id should be cleared when the user closes the browser. After a crash, some browsers can resurrect the previous session, so that would make the crash invisible to the site, as long as the session didn't time out on the server.
If the user returns without restoring/resuming the previous session, the browser will not send the previous session cookie. Perhaps you can stash a copy in a persistent cookie that you manage/clear yourself, then reset the session cookie in PHP (either by setting the cookie or in the URL)? I have no idea whether that would work.
If the PHP session cookie is completely gone, you probably cannot access the session variables. You'd have to save them somewhere more persistent (there seems to be support for this: PHP: session_set_save_handler), or roll-your-own session management. I imagine there might be some preexisting libraries for that.