Closed switchroyale closed 1 year ago
Hi @stefangabos,
I agree with @switchroyale after upgrading to PHP8.
I use both Zebra_Database and Zebra_Session in my CMS software, both fantastic PHP classes. Unfortunately after upgrading to PHP8 my sessions expire immediately. I've spent a whole day debugging my code only to find that out. Previous versions on PHP7 worked fine!
$session = new Zebra_Session($link, 'sEcUr1tY_c0dE');
I'm looking at your code but can't find what's wrong. Default value is 0 if not specified. Gonna try a value.
I can't find anything related to this and I am almost certain that I have it somewhere running on PHP 8 it is maybe some setting in you php.ini used for PHP 8 that impacts this somehow i'll keep digging but feedback is appreaciated
Hi @stefangabos,
So I can confirm that making a change to the session lifetime in your Zebra_Session class appears to fix my issue within PHP 8.1. PHP 7.4 works ok with 0 (zero), however PHP 8.1 definitely expires sessions immediately with 0. Here are my working PHP 8.1 settings...
$session = new Zebra_Session(
$link, // Database Connection
'sEcUr1tY_c0dE', // 2nd var is a random security code and part of a hash to preventing session hijacking
1440, // Session Lifetime
true, // Lock to User Agent
false, // Lock to IP
60, // Lock Timeout
DB_PREFIX.'_sessions', // Table Name
true, // Start Session
false // Read Only
);
I've done extensive research into this issue but can't find a solution when allowing default session lifetime of zero.
Guys, this is now fixed. Please download latest again. Thanks for reporting and keeping this thread alive
Hi @stefangabos,
Will do and thank you for your prompt response :)
Hi there, I'm a big fan of Zebra Session and have been using it for quite some time now with no issues until now. The servers I use are being transitioned to PHP 8 and I noticed that my settings, specifically the Session Lifetime setting, no longer works as it has on PHP 7. My current setup looks like this:
On PHP 8, a Session Lifetime of 0 (zero) seems to expire immediately. I could make the Session Lifetime greater than zero but my goal is to essentially not have sessions expire unless the browser is closed. Any suggestions?