session start error (with fix)

  • Resolved darrengates

    (@darrengates)


    9 years, 6 months ago

    I occasionally get this error:

    The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and ‘-,’

    The issue seems to be the “Agp_SessionAbstract.class.php” file. I was able to fix this by making this change to the constructor (check for valid session_start and regenerate the ID if not valid):

    public function __construct() {
    if (!session_id()) {
    $ok = @session_start();
    if ( !$ok ) {
    session_regenerate_id(true); // replace the Session ID
    session_start();
    }
    }
    $this->name = strtolower(get_class($this));
    }

    https://www.ads-software.com/plugins/wcp-contact-form/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author WebCodin

    (@webcodin)

    Hi darrengates,

    We’re sorry for delay with answer.

    We use following code for session activation:

    if (!session_id()) {
    session_start();
}

    This code is the canonical and the most safe for storing data in the session.

    In your example you use following code:

    session_regenerate_id(true); // replace the Session ID
   session_start();

    This code totally delete active session and stored data in this session, includes data from other plugin. Following action can have unexpected results, so it is unsafe.

    Regarding to your general issue: “The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and ‘-,'” – it is just a warning message, that can be easy hided, for example as described in this article.

    Plugin Author WebCodin

    (@webcodin)

    Hi darrengates,

    Currently we mark this topic as resolved. If you have other questions or comments you can reopen this topic or create a new one.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘session start error (with fix)’ is closed to new replies.