session_write

add a note User Contributed Notes

risaac at deadletter dot com
05-Apr-2006 03:46


Workaround if session_write_close() still doesn't write sessions fast enough:



I found with one PHP login system that even session_write_close() was not setting the session variables before I transferred pages with a Location: header.  So the user would log in, I would create the $_SESSION variables, call session_write_close() and then transfer to the secure page using header(Location:...).  The secure page would check for the session vars, not find them, and force the user to log in again.  After the second login the session would be found and they could continue.



My workaround was to create the $_SESSION variables with 0 values before writing the initial login page.  Then I updated the session vars with the login results and used the header() function to switch to the secure location.  Once the session vars have already been created, updated values are assigned quickly.  Problem solved.  Just be sure the secure page checks both that the $_SESSION var exists AND that it's not 0.

unspammable-iain at iaindooley dot com
24-Dec-2005 01:57


As we all know, if an object is serialised, then the class definition must be included _before_ it is unserialised.



My framework has an enormous number of class files, and including them all at the beginning of the script was really taking it's toll on my system (memory and execution time) so I switched to including required classes at the top of each class file that used them using require_once.



This caused problems because I start my session at the very beginning of my script's execution, but all my class files aren't there at the beginning!!



So no in my special 'require' function, I do the following:



if(!class_exists($to_require))

{

    session_write_close();

    require_once('path/to/classes/'.$to_require.'.php');

    session_start();

}



This is a considerably smaller performance hit that including every class that the application uses at the very beginning of the application.

cenaculo at netcabo dot pt
23-Jul-2005 06:32


This function is essencial when you change $_SESSION[] variables and then, at some poit in the middle of the script, you send an header("Location: http://...") function to the browser, because in this case the session variables may not be saved before the browser change to the new page.



To prevent from lossing session data, allways use session_write_close before this header function. session_write_close will force session data to be saved before the browser change to the new page.



Hope this will help you not to loose 1 day wondering why people could not authenticate or make other changes in session vars in your site.

bkatz at usefulengineering dot com
17-Jul-2005 11:05


session_write_close() worked as a lifesaver for me when automatically uploading files to a user (forcing a download instead of a link). If files are large, and since session_start() does not allow another page using session_start() to proceed until it's done, i was not able to upload more than one file at a time. By using session_write_close() before beginning the file upload, my users can now download as many big files as they like, at the same time. Example:



<?

session_start();

/* Do session stuff here; security; logging; etc. */

session_write_close();

/* NOW write out the requested file. */

header("Content-type: audio/x-mpeg"); /* or whatever type */

header("Content-Disposition: attachment; filename=" . $filename); 

header("Content-Length: " . $filesize);

header("Content-Transfer-Encoding: binary\n\n");

header("Pragma: no-cache"); 

header("Expires: 0"); 

$file_contents = file_get_contents($filepath);    

print($file_contents);

?>

editorial at literati dot ca
16-May-2005 04:13


Further to the comment by nakanishi at mailstyle dot com, it appears that calling session_write_close() followed by session_start() causes issues if you have more than one browser window/tab open in the session, and have a large session data array.  I have an intermitent (and hard to replicate reliably) issue with session_start() never being called or not returning - the script hangs before the session headers are written.  I'm puting this down to trying to be too clever rather than to a bug per se.

kumar mcmillan
07-May-2004 12:54


if you are trying to work with a larger code base meant for a specific application... and it implements some custom session save handlers, it appears there is no way to reset those save handlers back to the default php state if they are getting in your way.  my workaround:



session_write_close(); // close the session at the top of the page :)

jp at webgraphe dot com
22-Nov-2003 07:50


It is a good idea to call session_write_close() before proceeding to a redirection using



header("Location: URL");

exit();



because it ensures the session is updated (in a file or into a database, depending on the handler you're using) BEFORE you redirect the visitor somewhere else.



JP.

nakanishi at mailstyle dot com
19-Jan-2003 03:04


Make sure that you call session_start() again after session_write_close() if you rely on the SID rewriting.  Otherwise it will not be rewritten.

20-Apr-2002 10:48


This function is very useful for session objects. The class def'n of an obj needs to be included before the session is started. You can ignore this by closing the session with this function, and then use session_start() to restart it. Do this after including the class definition, but before using the session variable.

add a note

session_write_close

Description