LordKosh

I'm not certain this problem is caused by the PHP code, however the site I am developing uses PHP to build dynamic pages where even the HTML is enclosed in PHP string variable(s). Server is Linux Fedora Core, and db is MySQL.

Everything seemed fine for quite a while. Actual site has been live for about 5 years. Revisions made in October to visual affects (images, some functional components, etc) about 3.5 months ago. No site revisions since.

However, less than a month ago (Dec-14 or so until now, Jan 8, 2010) we have had users complaining of being logged in or out at random. I'm not certain if the problem is related to cookies, or sessions, or something else. [I have posed the AOL proxy server concern and session issues separately on this forum when it was still unclear. I think I have taken measures to eliminate the AOL concern and have changed the caching issues that might have caused the someof the problems. Since my changed (with help from others in the development world), it is no longer randomly logging in and out. It is now very predictable when it will log users in and out of the system. Now, all browsers seem to treat the log in the same way, where before the login status behaved differently for IE, or Firefox, or AOL users.

Here is the problem: the user log in system was not changed in the last revision. We are pretty sure the problems started two months after the revision, not with the revision. So without having changed the PHP code the runs the log in status check in many months (if not 5 years), why did it suddenly start randomly logging users in and out, or now predictably log users in and out for certain URL's?

Does anyone know why PHP session/cookie login system would suddenly develop issues if the code has been unchanged for many years? The "help" I have gotten this from other sources has been in the "I don't know" or "use a different system" category, which does not answer why or what went wrong. Even if the current system being used is not the best, it was fine until Dec 14th, when it suddenly stopped. If it had not been working for 5 years, I would agree with them. To suddenly stop, means it used to work fine.

Please help!

• The only things I can link to the start of this time frame, where the problems were all reported, are the following suspects (however, not likely):
• We upgraded RAM from 1 Gig to 2 Gig because of server lag time, but host company told us this is not likely to cause those problems.
• AOL and Firefox did receive updates very close to or on those dates. IE might have in a Windows Update. Has support for cookies and/or session handling (client-side) recently changes or been found buggy?
• I changed the color and font of two classes in an external CSS stylesheet.
• I changed header code after issue developed to prevent page caching...which seemed to have removed some security issues and make browsers behave the same instead of different/random affect.
• I have changed our cookies back and forth, but changing value or date of cookie(s) still have no affect. This may not be the problem, but looked suspicious. Clearing cookies does reset users normally, until they log in and out the next time.

The other issues (that may be linked to the same underlying problem) are also posted on this forum:

• http://www.webmasterforums.com/softw...n-cookies.html
  
• http://www.webmasterforums.com/php-d...ust-added.html

Can any one help? Please keep in mind that the login processing code has not changed from 5 years of working correctly and during the reported problems...so it did work. The only changes I made were to test/combat the issues that developed. Please Help!!!