2

I have a long running script that has a progress bar that updates every few seconds (This is important since it means I have already outputted information to the browser).

The script can run up to 10+ hours, after which it redirects to a results page. The results page looks for a valid session:

$_SESSION['valid'] == true;

before allowing anyone to access it. However, I am running into a problem where the browser SESSION will expire, and the results page will not allow access to the user upon redirect. Is there any way to solve this? I could of course change my session time limit at the top of the script, but ideally I could refresh the session right before the page redirect. As of now, I am running into the error: warning: session_start(): cannot send session cookie - headers already sent When I try to start a new session and update the values. Any advice would be great.

superdee72
  • 61
  • 8
  • there may be a server cache dump set to happen ever so often that causes this. Are you on a development server or production server. may check with your host to see if so. – drooh Feb 13 '16 at 01:35
  • I have tested both on my AWS server and my Local machine. In both cases the Session seams to get dumped. Which is fine, but I would like to be able to refresh the session from the running script right before redirecting to a new page. – superdee72 Feb 13 '16 at 01:38
  • could you try storing your data elsewhere such as a text file or mysql database? – drooh Feb 13 '16 at 02:04
  • Just a note that `session_start` does not actually restart the session -- it just tells the script that you'll be using sessions, and it has to come before any other output, as you discovered. You might look into `session_regenerate_id` -- it may give you the same problem, though. http://php.net/manual/en/function.session-regenerate-id.php – fredrover Feb 13 '16 at 02:07
  • Yup session_regenerate_id gives me the same error. I am trying to think of another way to tell the page I am redirecting to that the user is valid, even if the session has expired. Something like $_POST work work since then the page could be accessed with a simple URL. – superdee72 Feb 13 '16 at 04:40
  • is that `if($_SESSION['valid'] == true);`? You might also need to set the session validity period `session.gc_maxlifetime` in sessions in php.ini - by default it is only about 24 minutes also `session.cookie_lifetime` http://stackoverflow.com/questions/18682735/php-infinite-session – Steve Feb 13 '16 at 05:05
  • Also http://stackoverflow.com/questions/6360093/how-to-set-lifetime-of-session covers what might give a solution in the script rather than settings in the ini. Check also that the server is not closing the connection. Maybe it could submit the results to another page rather than redirecting, as redirect also has the same problem with "headers already sent". Possibly even fire a javascript `window.open()` when the script has finished. – Steve Feb 13 '16 at 05:13
  • After ten hours the whole connection chain may have gone to sleep - this discussion of HTTP/1.1 persistent connections might be of interest: https://www.safaribooksonline.com/library/view/http-the-definitive/1565925092/ch04s05.html – Steve Feb 13 '16 at 05:41
  • If you can use `$_POST` then you could store the ID in a hidden variable which would be picked up when the script submits to the results page - you could even `include` the results page at script completion and it should have access to the script variables. Might possibly have a bit of a risk of injection attack though. – Steve Feb 13 '16 at 05:46
  • Remember to use `exit;` after your redirect or the existing script will continue to output its last bits of HTML ad mess things up a treat. – Steve Feb 13 '16 at 06:18

0 Answers0