skip to Main Content

I have already seen this identical opposite question and its OP code sample seems perfectly fine to me. I’ve also read (including PHP docs) that session can be checked with session_status() on PHP >= 5.4 and it should be fine to do so before calling session_start() to determine if it already exists.

Now, I’m using PHP 5.4.16 on a CentOS 7.10 machine and the session_status() always returns 1 (PHP_SESSION_NONE) for me, only when I reload the page with this example:

<?php
$status = session_status();
session_start();
echo "The session status is : $status";

I expect it returns PHP_SESSION_ACTIVE (2) when I reload page (and I’m not forcing-reload with cache clear). I’m using latest Chrome version, and the page is embedded inside a virtual host with HTTPS over port 8443.

I’ve checked the PHP version with both php --version and via phpinfo() script to discard any version conflict just in case, and they’re same. Additionally, when I visit the session script page, the server creates empty files at /var/lib/php/session directory. I didn’t change default PHP settings for session or anything.

To make it clear: the session_status() works fine if checked afterwards on same script execution (The session status is : 2), but naturally I’m not interested in that since I want to check if session exist in first place.

What could be wrong?

2

Answers


  1. In my experience, session_status() only allow you to know if a session has been started, so if session_start() has been called in the current script.

    • PHP_SESSION_DISABLED I think that this is returned if session are disabled in PHP configuration.
    • PHP_SESSION_NONE is returned if the session has not been started in the current script
    • PHP_SESSION_ACTIVE if a session has been started in the current script.

    This post might interrest you https://stackoverflow.com/questions/32356373/how-to-disable-session-in-php#:~:text=You%20can%20disable%20the%20session,ini%20.

    A way to check if a session has been started in a different script would be

    
    <?php
    
    session_start();
    
    if (!isset($_SESSION['init'])) {
       echo 'first time session';
       $_SESSION['init'] = true;
    }
    
    
    
    Login or Signup to reply.
  2. Your session_status will always be PHP_SESSION_NONE until you call session_start in the lifetime of the current request. It does not matter if on some previous request you "already started" a session: you need to "re-start" it, to resume a previously started session. This is done via cookies.

    If your intent is to start a session only if the user already did something in the past that started a session (eg. they already logged in previously) and you want to resume a session but not start a new one, then you could simply check if (isset($_COOKIE['PHPSESSID'])).

    This may be beneficial if you know most of your users won’t need a session, and you want to avoid cookies and the overhead involved with a session, but still be able to handle the cases when a session is needed.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search