Reopening a session in PHP

php apache session session-cookies
JochenJung picture JochenJung · Sep 7, 2012 · Viewed 9.9k times · Source

How do I reopen a session in PHP without getting header already sent warnings?

After setting all the session vars I like to set, I close the session with session_write_close(). I do this, because as long as the session is open, there may be only one active connection from the same client. But I like to have multiple parallel ones.

However if I like to set another session variable at a later point, I need to reopen the session with session_start() once again. This works, but as I already send code to the client it prints "headers already sent"-warnings. Why is it trying to set the cookie again? The cookie is already set. Only thing I need is to gain access to writing the session files on the server again.

Well, I can suppress them. But is there a way of reopening a session, that has been closed with session_write_close without re-sending the Cookie-header? The Cookie-header is already sent correctly by the first session_start(). So the second one just needs to give me back access to writing to the session files stored on the web server.

<?php
session_start();
// setting all the session vars I like to set
session_write_close(); // <-- // To allow parallel requests by the same user, while this script is still running

// Code that takes some time to execute
// It also prints output, so no more cookie headers after this point

@session_start(); // <-- works, but I like to use it without suppressing warnings
$_SESSION['key'] = 'new value I like to store';
session_write_close();
?>

Answer

VolkerK picture VolkerK · Sep 7, 2012 
session_start();
...
session_write_close();
...

ini_set('session.use_only_cookies', false);
ini_set('session.use_cookies', false);
ini_set('session.use_trans_sid', false);
ini_set('session.cache_limiter', null);
session_start(); // second session_start

This will prevent php from calling php_session_send_cookie() a second time.
See it working.

Though restructuring the scripts still seems to be the better option...

For PHP 7.2+, you will basically need to re-implement session cookies to avoid errors and warnings:

ini_set('session.use_only_cookies', false);
ini_set('session.use_cookies', false);
ini_set('session.use_trans_sid', false);
ini_set('session.cache_limiter', null);

if(array_key_exists('PHPSESSID', $_COOKIE))
    session_id($_COOKIE['PHPSESSID']);
else {
    session_start();
    setcookie('PHPSESSID', session_id());
    session_write_close();
}

session_start();
...
session_write_close();
...

session_start(); // second session_start

Related questions

phpmyadmin token mismatch for long time idle

I installed phpMyAdmin 4.0.4.1 on my local develop enviroment, I set auth_type to config. Also I provide authentication requirements by this settings: $cfg['Servers'][$i]['auth_type'] = 'config'; $cfg['Servers'][$i]['host'] = 'localhost'; $cfg['Servers'][$i]['password'] = 'somepassword'; But after …

Read More
Location for session files in Apache/PHP

What is the default location of session files on an installation of Apache/PHP on Ubuntu 10.10?

Read More
Allow php sessions to carry over to subdomains

I use php sessions (not cookies, except for session id cookie) for all user data, and when a user goes to their profile user.mydomain.com they are immediately "logged out" untill then remove the subdomain. Is there a way …

Read More