PHP Session Cookies fail with users changing IP

Posted by Columbo on Stack Overflow See other posts from Stack Overflow or by Columbo
Published on 2010-02-19T13:32:07Z Indexed on 2010/04/26 22:43 UTC
Read the original article Hit count: 396

Filed under:

php

|

session

|

cookies

|

ip-address

Hello, I have a login script for a small application that works by storing session cookies and checking them on each page to make sure the user is logged in. One of the two users who uses the system keeps getting logged out randomly. This appears to be down to the session cookie that shows then authenticated no longer being present.

After a lot of investigation the only thing I can see that is different about this user is that their IP address is changing (today it was changing every hour (their on Sky)). The only thing is the change of IP address has happened 5 times this morning and only once has the user been logged off.

Has anyone had a similar issue?

Are session cookies in someway tied to IP addresses?

Any help or links much appreciated.

Thanks

C

© Stack Overflow or respective owner

Related posts about php

Magento, NGINX, PHP-FPM, APC, MEMCACHED, 16gb Ram CentOS, Spiking PHP-FPM to 100% CPU

as seen on Server Fault - Search for 'Server Fault'
I have been trying to resolve my issue of spiking cpu caused by php-fpm processes. I've reduced the php-fpm config settings to: pm = ondemand pm.max_children = 12 pm.start_servers = 2 pm.min_spare_servers = 2 pm.max_spare_servers = 10 pm.max_requests = 500 php_admin_value[memory_limit] = 128M Problem… >>> More
PHP Pear Installation on CentOS

as seen on Server Fault - Search for 'Server Fault'
[root@ip ~]# yum install php-pear* Reducing CentOS-5 Testing to included packages only Finished Setting up Install Process Package 1:php-pear-1.8.1-2.el5.centos.noarch already installed and latest versio … >>> More
Apache configurations for php "AddType text/html php" or "AddType application/x-httpd-php php .php"

as seen on Server Fault - Search for 'Server Fault'
I am taking over an application server and discover that it contain the following settings: AddType text/html php Although it works, but my understanding is that it should set as following: AddType application/x-httpd-php php .php What are the key differences between the two settings?… >>> More
mod_rewrite settings causes server to throw HTTP 500 errors instead of 404

as seen on Server Fault - Search for 'Server Fault'
Hello. I have a server with VBulletin forum (working under Apache 2.2, CentOS). The default settings for it in .htaccess are as follows: RewriteEngine on RewriteCond %{HTTP_HOST} ^gsmforum\.ru RewriteRule (.*) http://www.gsmforum.ru/$1 [R=301,L] # If you are having problems or are using VirtualDocumentRoot… >>> More
Problems installing Memcache (PECL extension)

as seen on Server Fault - Search for 'Server Fault'
I have installed memcached fine, and now I will need to install PECL extension memcache. Im running RedHat x86_64 es5. The installation gives me this: downloading memcache-2.2.6.tgz ... Starting to download memcache-2.2.6.tgz (35,957 bytes) ..........done: 35,957 bytes 11 source files, building running:… >>> More

Related posts about session

any clue in these logs why keyboard audio and internet are messed up

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Jun 7 00:01:18 Isis lightdm: pam_unix(lightdm-autologin:session): session opened for user mimi by (uid=0) Jun 7 00:01:18 Isis lightdm: pam_ck_connector(lightdm-autologin:session): nox11 mode, ignoring PAM_TTY :0 Jun 7 00:01:26 Isis polkitd(authority=local): Registered Authentication Agent for… >>> More
session variables lost between pages or use same variables

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, Yesterday I learn many thing from you, especially from Marc and my problem was solved ( session variables lost between pages or use same variables ). But now I continue asking: I don't want to use Session ID(session.use_trans_sid = 1) between pages. But also I don't want to use same session… >>> More
WTSQuerySessionInformation returning empty strings

as seen on Stack Overflow - Search for 'Stack Overflow'
I've written a program which should query the Terminal Services API and print out some state information about the sessions running on a terminal services box. I'm using the WTSQuerySessionInformation function to do this and it's returning some data but most of the data seems to be missing... Does… >>> More
Can I set Session timeout for a specified Session variable differently than other Session Variables

as seen on Stack Overflow - Search for 'Stack Overflow'
I'd like to set the timeout on a specific Session Variable in a .Net web application, but leave other Session variables alone. Is this possible? Example: I have 5 Session Variables Session(var1) Session(var2) Session(var3) Session(var4) Session(var5) I want to set it so that Session(var1) through… >>> More
PHP upgrade to 5.3 from 5.2, sessions no longer get stored

as seen on Server Fault - Search for 'Server Fault'
background link: http://stackoverflow.com/questions/7014945/php-upgrade-5-2-to-5-3-session-issue I have upgraded PHP on my 2008 std server from PHP 5.2 to PHP 5.3. Following the upgrade, sessions no longer work correctly. I have copied over the settings from my PHP.ini files which are applicable… >>> More