Latest Firefox Update Changes how PHP Sessions are Handled

Thursday, January 7, 2010 , Posted by Johnny Fuery at 1:09 AM

Originally Published 2007-07-19 14:02:43

I haven't tested thoroughly enough to know for sure, but I have a solid hunch that my session variables on one of my client's sites broke over the last few days as our Firefox browsers all updated to 2.0.0.5.

This is geeky, so if you're not a PHP programmer, and couldn't care less what an HTTP Header is, go ahead and click through to the next post. I'll forgive you. :-)

I have an application that spawned a pop-up window (don't worry, it was from a user request and didn't contain an ad!) using JavaScript. Now, I was using PHP Session data throughout the application to track the user and the referring affiliate. I swear this used to work. You pop-up a window within the same browser session, initialize your session using session_start(), and voila! Instant data zen.

But no more.

Not a big deal -- I just changed the code to pass the tracking data to the new page using the tried-and-true HTTP GET method (i.e., I encoded the variables I needed into the URL). Still, this feels really weird.

Any of you propeller-headed enough to confirm or deny my hunch? Getting the bug fixed was a higher priority than actually double-checking. Who wants to roll-back their firefox installation? Yuck!

(If this post bored you, don't worry, I've got an article on all of those viral linkback gimmicks coming up in the next day or so...)

Update 7/24/2007: I found another session issue that has nothing to do with Firefox. PHP creates a new session for each domain, so if you don't have a redirect setup on your "www" subdomain (or vice-versa, if you promote your site without any subdomain at all. e.g., "http://fuery.com" instead of "http://www.fuery.com", as I do), and you move between the two "sites", your session data will appear to be lost. The clue to this behavior was the presence of two session cookies in my browser instead of only one. When I minded the "www" in my URL, all was well.

There is a strong possibility that the Firefox issue I noted above was simply a result of this oversight. Still not certain, however. :-)

Oh, and btw, here's the URL Rewrite code for your .htaccess file (assuming you're using Apache with the mod_rewrite library activated -- this is the norm for most commercially available hosting plans):

RewriteBase /
RewriteCond %{HTTP_HOST} ^yourdomain.com$ [NC]
RewriteRule ^(.*)$ http://www.yourdomain.com/$1 [L,R=301]


This will redirect all traffic for http://yourdomain.com to http://www.yourdomain.com.

Enjoy!

Comments

On 2007-07-21 00:05:47 tony said:
Thanks for that really useful piece of information, Johnny. I know I've done some stuff with PHP and sessions and didn't know about this latest issue with FireFox. If I find out any more ino, I'll let you know.

On 2008-01-10 16:01:42 Rodrigo said:
I'm from Guadalajara, México and your information was very usefull for me about PHP sessions because I am opening a new window with html and flash content and I had problems with PHP sessions because the variables's sessions were lost but with your article I realease that I had to change GET in instead of the variable sessions.

This is very weird becasue in IE works fine.


Thank you very much

On 2009-11-10 15:48:38 David said:
I just lost 5 days chasing a similar problem. Finally I found this, entered the full URL into Firefox (which I never do) and bang it all works. Unbelievable.

THANKS

Currently have 0 comments:

Leave a Reply

Post a Comment