0

I want to close my php session while I'm doing some computations (and outputs) and don't need the session, so that other scripts can use the same session concurrently. Later on I need the session again and therefore want to resume it. But this fails in PHP 7.3.

In PHP 7.0 the following worked fine, but in PHP 7.3 I get an error session_start(): Cannot start session when headers already sent:

Main session closed now...<br>
Warning: session_start(): Cannot start session when headers already sent
Main session resumed...<br>
Value: <br>

Code example:

session_start();
$main_id=session_id();
$_SESSION["value"] = "xxx: ".time();
session_write_close();
$_SESSION=array();
echo "Main session closed now...<br>\n";
flush();

// session_id($main_id);
session_start(array('use_cookies'=>false, 'cache_limiter'=>''));
echo "Main session resumed...<br>\n";
echo "Value: {$_SESSION["value"]}<br>\n";
flush();

Expected output:

Main session closed now...<br>
Main session resumed...<br>
Value: xxx: 1584991252<br>

Is this a bug and does somebody know a workaround?

Thilo
  • 234
  • 1
  • 8
  • once you start the output, a new header (like session) can not be applied. Therefore, this works like expected. – Alex Mar 23 '20 at 21:02
  • And... In 7.0 you probably had error reporting off or set not to display. – AbraCadaver Mar 23 '20 at 21:08
  • @AbraCadaver No I don't, same file with error eporting turned on at the top to be sure.. – Thilo Mar 23 '20 at 21:11
  • @Alex I don't want to output a new header, hence the `use_cookies` set to false...using the above code won't output a second header, neither on php 7.0 nor on php 7.3, but php prevents it nontheless – Thilo Mar 23 '20 at 21:12
  • @AbraCadaver this was *NO* duplicate because I instructed PHP to *NOT* send any headers and I'm expecting to get no header related error in this case! – Thilo Mar 28 '20 at 07:17
  • The correct solution can be found here: https://stackoverflow.com/a/60898404/3528174 – Thilo Mar 28 '20 at 07:28
  • Headers are sent with any output. You output here `echo "Main session closed now...
    \n";` then try and start a session.     – AbraCadaver Mar 28 '20 at 14:56
  • But you are correct it didn't generate a warning in 7.0.0 - 7.1.33 https://3v4l.org/DGDdD#v700 – AbraCadaver Mar 28 '20 at 15:01
  • @AbraCadaver Headers for the first session are okay, but it should not try to send headers for the other `session_start()` calls because they are configured with `'use_cookies'=>false, 'cache_limiter'=>''`...and php < 7.2 did not send those headers, too --> this isnt a warning that was missing in older versions and now got added but a behavioral change in php I would call a bug (it now is trying to send headers in subsequent `session_start()` calls **even** if it is configured to **not** do so. – Thilo Mar 29 '20 at 03:01
  • This is revealed by sending the headers yourself (see my answer in https://stackoverflow.com/a/60898404/3528174 ) I configure php to **never** send any session headers and send the cookie-header for the first session by hand...this way php does not try to send headers in the second and third `session_start()` call (which would have been a bug as I said, but doing it by hand circumvents this particular bug) – Thilo Mar 29 '20 at 03:04

0 Answers0