0

I'm encountering an issue with sessions that I can't figure out. I have a class that loads at the start of index.php. (Below code is an excerpt, but is the first code executed). If the user logs out, I try to destroy the session, at which point I get a "trying to destroy uninitialized session after session_start" error. If the user does not logout, I access session variables with no problem. In trying to determine why, I added code to check session_status and found PHP_SESSION_ACTIVE immediately after session_start(), but when I again check session_status within the unsetSession function, right before session_destroy(), I find the session is not active. How is that possible?

class UserAccess
{
    public function __construct($page)
    {
            session_start();

        if ($page == 'logout') {
            $this->logout();
        } else {
            $this->checkSession();
        }
    }

    private function unsetSession()
    {
        session_destroy();
    }

    private function logout()
    {
         $this->unsetSession();
    }

Index.php:
<?php
define ('BASE_DIR',  __DIR__ . '/');
include("includes/config.php");
include(INCLUDE_DIR . 'autoload.inc.php');

//** Get Target Page
$current_page_uri = HTMLSPECIALCHARS($_SERVER['REQUEST_URI']);
$path = parse_url($current_page_uri, PHP_URL_PATH);
$part_url = explode("/", $path);
$page = end($part_url);

$DB = DB::dbConnection();
$UserAccess = new UserAccess($page);
roybman
  • 25
  • 5
  • 5
    `$action` will never equal `logout` because `$action` doesn't exist. – AbraCadaver Aug 22 '16 at 14:55
  • I don't think its relevant because maybe he didn't post the full code. I am pretty sure the logic can't be that messed up. Or can it? – Eisa Adil Aug 22 '16 at 14:59
  • Could you show more of your code please? It does not appear to make sense why that would not work (given that the logic is not screwed up, as discussed in other comments here). – ArSeN Aug 22 '16 at 15:00
  • `didn't post the full code` too bad, how to track the error then? – JustOnUnderMillions Aug 22 '16 at 15:00
  • And please post the full original *error message* :) – JustOnUnderMillions Aug 22 '16 at 15:02
  • @EisaAdil Right, when someone asks me why the code they showed me doesn't work, my answer is usually, "_we'll, let me ignore the code you showed me and use my imagination to make up my own code where all bugs are fixed. Done! Now the answer is clearly there's nothing wrong with your code since in my imagination it works perfectly._" ___If the code you show us isn't relevant the question should be closed.___ – Sherif Aug 22 '16 at 15:02
  • 1
    I take a roll and say: The Object isnt singleton and created 2 times, first time session is destroyed, in the second call no more session exists anymore, and cant anymore destroyed and so it throws an error. – JustOnUnderMillions Aug 22 '16 at 15:05
  • @Sherif I get your point but I trust our friend is sane enough to instantiate the variable he is making a comparison with. – Eisa Adil Aug 22 '16 at 15:05
  • @JustOnUnderMillions Has a more relevant solution. +1 for that. – Eisa Adil Aug 22 '16 at 15:06
  • 1
    [dublicate] http://stackoverflow.com/questions/18551030/error-session-destroy-trying-to-destroy-uninitialized-session – JustOnUnderMillions Aug 22 '16 at 15:07
  • @EisaAdil Now ***that*** is not relevant. We can't objectively answer a question with that kind of logic. This site would not be useful to anyone. – Sherif Aug 22 '16 at 15:08
  • Ahm i just do a comment, no answer at all :) – JustOnUnderMillions Aug 22 '16 at 15:09
  • As indicated, the code is an excerpt. I updated the question to show that action is coming in. No, this is not created more than once, only at the start of index.php. – roybman Aug 22 '16 at 15:13
  • @roybman NOPE because `UserAccess` class is called not the *half* shown `UserAuth` Class. Close this question, thing again, and open a question with more usefull information :) – JustOnUnderMillions Aug 22 '16 at 15:15
  • Also, in response to this being marked as duplicate, the issue in that other question was with session_destroy being followed by session_regenerate. That is not the issue here. – roybman Aug 22 '16 at 15:16
  • @roybman Thats the only reason why stuff like that happens, you question say: If i you do this in class, in a private method, all get crazy. But Thats isnt the case at all. I can drop more question [answered] with this problem, everytime a user fail to write proper code, not an PHP behavior bug or else. :) – JustOnUnderMillions Aug 22 '16 at 15:18
  • What you just renamed the class to `UserAccess` and you still thing we can help you with your problem. Im out ...... – JustOnUnderMillions Aug 22 '16 at 15:20
  • so in the interest of eliminating any confusion by excerpting, I copied in the code from the beginning of index.php and from the class. – roybman Aug 22 '16 at 15:21
  • You copied a half of the class, man. Reopen this question, with proper information. – JustOnUnderMillions Aug 22 '16 at 15:22
  • OK do this `if(session_status() == PHP_SESSION_ACTIVE) { session_destroy(); }` and you are fine .... finally out. – JustOnUnderMillions Aug 22 '16 at 15:23
  • @JustOnUnderMillions First, the correct way to do that is if(session_status() === PHP_SESSION_ACTIVE) { session_destroy(); } Second, that doesn't answer the question of why it is active in one place and not the logical next executed line of code. – roybman Aug 22 '16 at 15:47
  • I had already done that, which is how I know it is active in the construct and not in the unsetSession function. – roybman Aug 22 '16 at 15:49

0 Answers0