0

I'm using PHP sessions to keep track of info that needs to be persistent between some pages. I call session_start() at the top of those pages, and my $_SESSION data magically gets saved! Yay! (Well, it's not real magic, but hey, much better than client-side cookies...)

However, my nginx logs are getting polluted with tons of these messages:

[error] 1105#0: *238 FastCGI sent in stderr: "PHP message: PHP Notice:  A session had already been started - ignoring session_start()

What should I do about this? I'd defintely prefer the error not being reported as such; it's a session continuation and hence should not be even considered an error, right? Or am I totally abusing session_start() somehow and my kind webserver is just giving me a gentle hint?

Edit:

I call session_start() for the submit.php page that is the form submission action (because it needs access to the session data), and once it's done I then include the php page that creates new pages (which also calls session_start() for the same reason, and because it's genuinely needed when you are starting a new session). I'd really like to keep that functionality separate. At the moment, submit.php is getting most of it's data from $_POST but a little bit from $_SESSION, and I'd rather not put the sensitive session information on the client side.

Community
  • 1
  • 1
Escher
  • 4,200
  • 6
  • 39
  • 78
  • 1
    It means `session_start` is being called more than once _in the same request_. Solution: don't do that. – AD7six Mar 16 '15 at 18:25
  • Ah. Well that's pretty inconvenient in my particular circumstances! See edit above. – Escher Mar 16 '15 at 20:16
  • Your particular circumstances sound entirely standard. – AD7six Mar 16 '15 at 20:33
  • So ... what's the solution? Surely everyone can't be calling `start_session()` twice if it returns errors? – Escher Mar 16 '15 at 21:31
  • Great, that solved it. The trouble is, I generally take my cues from the php.net manual as linked in the question, and if the manual says that `session_start()` resumes a session, I do not expect it to throw an error when it does! – Escher Mar 17 '15 at 07:39
  • That's because you're still misinterpreting what that means. To get that error you are resuming/starting the session once, and at least once more after that _in the same request_. Resume does not mean "start a session if it's not already started." – AD7six Mar 17 '15 at 07:50

0 Answers0