5

I followed the answer from here but it didn't work for me:
Is possible to keep session even after the browser is closed?

Here is the code I tried:

$session_life = 2592000; // 30 days
session_set_cookie_params($session_life);
session_name('my_cart');
session_start();
// update the session_life
setcookie(session_name(),session_id(),time()+$session_life);

The problem with this is that every time the browser is closed I still get a new session_id, not the old one.

I am using a database to store the items in 'my_cart' and the session_id is just used to identify the user to show them their own cart.

What is the best way for me to keep the users cart alive for 30 days?

This is the code I ended up with:

$cart_name = "my_cart";
$cart_life = 2592000; // 30 days
session_start();
if (isset($_COOKIE[$cart_name])) {
    session_id($_COOKIE[$cart_name]);
}
setcookie($cart_name, session_id(), time()+$cart_life);
Community
  • 1
  • 1
user1275136
  • 301
  • 1
  • 3
  • 10
  • 1
    Perhaps this is a job for cookies and not sessions. – mawburn May 23 '12 at 13:55
  • Your session can also expire on the server. The php parameter [session.gc_maxlifetime](http://php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime) defines the maximum time that the session information is kept around before it is garbage collected. – Marcus Adams May 23 '12 at 14:31

1 Answers1

3

I've had to do a similar thing with a site I wrote (allow a 30 minute period for a customer to enter a code)

Rather than use a cookie (as you can't guarantee that the customer would be returning to the site in the same browser), I stored the expiry time for the code against the user's record. That way, whatever browser they accessed the page from (e.g., starting from mobile, finishing on a desktop), they would always expire at the same time.

When the customer returns to the site, I compare the current time to the expiry time and act accordingly

As you're already storing the customer's basket, I would add an expiry time against the record and then run a compare when the customer returns. It's quite easy to do:

update basket set expiryDateTime=date_add(now(),interval 7 day) where basketID=[xyz]

If you want, you could even set the time of day to be a standard value (20:00) by using a bit more trickery in MySQL

DaveyBoy
  • 2,928
  • 2
  • 17
  • 27
  • Thanks but that only works when the customer is logged in. I also wanted to allow the customer to add items to the basket without having to register. Besides which I'm already keeping a last_update field in the database against the cart record. (What I mean is, I'm already going to be doing this for registered customers). – user1275136 May 23 '12 at 14:13
  • In that case, store the basket in a cookie (as a JSON string) with an expiry date value too. When they return, check for the cookie and expire any items that need to be. Just ensure that no personal information is stored in the cookie. If they need to register to actually get to the check-out/payment section, transfer the information to the DB once they have successfully registered and only use the DB from there on in (i.e., cookie for un-registered, DB for registered). This would allow for order history to be searched as well. – DaveyBoy May 23 '12 at 14:18
  • Sorry I don't think you understood me. I am storing the cart in the database already, and for registered customers I will find the carts they own from the database. All I'm trying to do here, is that when the browser is closed, persist the session_id from before so that unregistered customers will see their cart from before. So I created a session under the session name, and set it to expire in 30 days, but it still seems to expire when the browser is closed. What do I do to fix that? I only need the session id from before to identify the cart which is already stored in the database. thanks – user1275136 May 23 '12 at 14:23
  • Put the session ID into the cookie and search for than when someone goes to the site. If they return in a different browser, they're not getting anything. The advantage of putting the expiry date/time into the DB is that you can run a job every hour/day to expire/delete records not associated with a registered user – DaveyBoy May 23 '12 at 14:49
  • Okay, now you've reached my question finally! That's what I tried to do but it doesn't work... how to fix it? – user1275136 May 23 '12 at 15:48
  • Hopefully, you're not using the session ID as the primary key of the database. Therefore, store the primary key (or some other unique value - `md5(microtime()).$sessionID`?) of the basket record in the cookie and identify the record from that. Add the expiry date/time to the DB and check that to see if the basket is active. Think about it - if you're relying on the session expiry to be the flag for a valid basket, what happens to all the records where the customer doesn't return? They'll just be sitting there. Expiry date in DB = something useful for housekeeping. Session ID=PK? Good luck – DaveyBoy May 23 '12 at 16:14
  • The session id is not the primary key, And what happens to all the abandoned sessions is that if they are more than 1month old they are found by a query and deleted. I appreciate the extra info but this isn't what this question was! I also found out what the problem was, the code I posted actually DOES work but I made a silly mistake - I wasn't declaring the session_start() in the right place. Thanks for all your help anyway. – user1275136 May 23 '12 at 16:20
  • If you are already storing some data to show the age of the basket and using that as a check for housekeeping, what is the point of having another expiry date/time in a cookie? The two might not match. If are you identifying a user from the session ID, that's the same as identifying a record from a primary key (a user can only have one active basket I would guess). Don't duplicate data where you don't need to. Go back and re-assess how you are identifying baskets to make sure that you have consistency across all possible user journeys – DaveyBoy May 23 '12 at 16:34
  • Actually I'm not storing an expiry date in the database, although I may have told you that for simplicity of argument. I'm storing a timestamp of the last_update. So long as the user alters the cart it won't expire for a certain time period. So long as they keep accessing the website the cookie time period will be updated. The only case where a cart may be deleted when they didn't want it to, they make a cart & don't change it for the time period, but access the website to look at it. For that, I don't really care, because it doesn't show a real interest in buying. – user1275136 May 24 '12 at 10:52
  • Besides that, the registered customers will be notified by email their cart is about to expire and will be deleted. – user1275136 May 24 '12 at 10:53