While users are browsing files in /memberarea, upon timeout i have some strange occurances. Most all of my pages are php, all of which start the very first line with <?php session_start(); (Actually, they start <?php include('./header.html'); , which starts <?php session_start(); ) The point is, many of my pages are dynamic and/or contain forms that contain hidden fields to include members info in emails upon form submission... Often in testing my pages, i have found that after a certain amount of idle time, the session seems no longer to be valid as nothing is passed when i ask for data from $_SESSION['_amember_user']['example']...these are pages that work normally. The user can browse the protected area even after timeout until they view a page not containing the session_start() command. My directories are protected using the new_rewrite plugin. Anyone know what's going on?
It of course happens because of php.ini's session.session_lifetime setting. After some period of time, old sessions are cleaned up by PHP.