2

I have searched high and low for an answer to this. I have a site that plays long video files. I do not wish the user to timeout while watching a video, so I wanted to put a AJAX call on a timer that refreshes the session. I was told by many that doing anything with the session on the refresh page would be enough, but nothing is working. I have the php session expire set to 30 minutes. I would rather not increase this anymore.

Here is my jquery / AJAX call

//var time = 20000; // for live
var time = 10000; // for testing

// loop to handle refresh session
setInterval(function() {

    // ajax call to get image
    $.ajax({
        url: 'refreshSession.php',
        cache: false,
        async: false,
        type: "POST",
        data: {},
        success: function(){},
        error: function(request, status, error){
            alert('Login Session Error: ' + request.responseText + '  STATUS: ' + status + '  ERROR: '+error);
        }
    }); 
}, time);

The AJAX call is working great and loops correctly. Here is the refreshSession.php file which i need to keep the session alive.

<?php
include_once("configure.php");

// store session data
if (isset($_SESSION['userData']['userID']))
    $_SESSION['userData']['userID'] = $_SESSION['userData']['userID']; // or if you have any algo.
?>

Note, that the configure.php file does call the session_start(); I was writing to a file the session id and other info and the correct information was being written. So I know this php file is reading the session variables.

However, after 30 minutes, I get logged out and the session is reset. Is there something I'm missing?

user1860996
  • 89
  • 1
  • 8

2 Answers2

0

Don't know if you got the solution to this problem, however I was facing this issue too and was able get it resolved by updating the session cookie expiry time.

You need to understand that sessions are maintained based on the cookie set by the server. When your main page is loaded response header sets cookie with expiry date. In order to increase your session expiry time, this cookie expiry time needs to be increased.

Set-Cookie:PHPSESSID=xxxxxxxxxxxxxxx; expires=Thu, 04-Aug-2016 10:22:20 GMT; Max-Age=900;

So you need to update the session cookie with extended expiry time. use setcookie() to accomplish this.

<?php session_start();
setcookie("PHPSESSID", session_id(), time() + ini_get("session.cookie_lifetime"));

include_once("configure.php");

You can also use the session_regenerate_id(). This will do the task of renewing the session id as well as expiry time. This will also prevent session hijacking and session fixation.

rkmourya
  • 446
  • 4
  • 7
-2

This:

<?php
 include_once("configure.php");

Should be:

<?php
session_start(); //This line is missing
include_once("configure.php");
Hackerman
  • 12,139
  • 2
  • 34
  • 45
  • The session_start() is called (among other things) in the configure.php. The session variables would be blank if it was not being called. – user1860996 Jun 03 '14 at 04:19
  • Do you even try this way??...you could also put an echo in the if condition....btw why you are assigning the same var `$_SESSION['userData']['userID'] = $_SESSION['userData']['userID'];`, could you explain your problem a little bit more?? – Hackerman Jun 03 '14 at 13:00
  • I tried putting the session_start() as the first line and still nothing. I have also tried setting a random value to the session to see if it would stay alive... nothing yet. My issue is, the php.ini file has set the session to expire after 30 minutes. I really don't want to go any longer. I want the session to refresh itself as long as they are still on the site. The site has many videos which are over an hour long. While a member is watching a video, I do not want them to get logged out. My thought was to use a jquery / ajax loop to call a php file to refresh the session. – user1860996 Jun 04 '14 at 13:09
  • http://stackoverflow.com/questions/19399439/refresh-php-session-var-after-ajax-request – Hackerman Jun 04 '14 at 13:42