3

One unexpected issue I faced recently was that I had Sagepay payment gateway configured on one of my site and it was working pretty straight. But when I moved the whole site to another server, I had to test the site using its IP address:

http://xxx.xxx.xxx.xxx/mywebsite/

Now when we complete online payment on site through Sagepay payment gateway,

  1. It returns back to the site
  2. Fetches customer details from Session
  3. Sends an email to the customer

So now (in 3rd step), when it went to fetch Customer Email from session, it didn't get any value. I tried to dump the $_SESSION array and it was blank.

So my question is: Is it possible that Sessions expire while surfing website through IP address?

Whisperity
  • 2,904
  • 1
  • 15
  • 35
aslamdoctor
  • 3,092
  • 10
  • 45
  • 81

2 Answers2

0

Yes... Sessions can be purged regularly if they fall within the limits... read here... also has hints on how to modify settings to suit you're needs: http://php.net/manual/en/function.session-cache-expire.php it details how PHP cleans up sessions which is most likely what is happening.

Brian
  • 7,632
  • 2
  • 22
  • 32
0

Sessions can expire if you are using a different domain (or server IP address) to access the server, as the session cookie (PHPSESSID) might take a domain attribute binding it to a domain (related: setcookie(), RFC 2109, the session_set_cookie_params() function).

To prevent sessions expiring, you might wish to take another approach, implementing a method that if you access the site from another domain/IP, you can still log in and "attach into" your previous session. This question and answer might be a good read as it describes various authentication methods, takes and pitfalls.

Community
  • 1
  • 1
Whisperity
  • 2,904
  • 1
  • 15
  • 35