i have a problem with what seems like session timing out and being destroyed, though i currently do not have it set to expire after a certain amount of time, nor do i have the session destroyed anywhere in the code.
Here's what happens in detail,
it's an e-comm site i have 90 % built which also has two payment gateways(PayPal and SecurePay).
first of all, i only have this problem when the website is uploaded to the web host(GoDaddy), i haven't experienced this issue using localhost.
The issue:
- I can use my site, everything functioning normal, i can choose products and checkout successfully through both payment gateways without issue. When i am finished for the day i'll close the browser as per normal.
- The next morning i will again open the browser and navigate to my site. The website has still retained all the session information and i can navigate to all my pages without issue, including my shopping cart(my shopping cart especially relies on session data to work).
- During the first time i go to check-out, with either payment gateway, everything functions fine until payment gateway navigates back to my returnURL, where the session is somehow destroyed, all the session data is gone and i am logged out.
- This only occurs once, specifically the first time i test the check-out process after a long period of inactivity. As i log back in after the session is destroyed the issue is does not appear to happen again, until the next morning.
- I would also like to add that the return urls are quite different for each payment gateway, the PayPal returnURL is a page where the order is still being processed and the user can change shipping methods rates, SecurePay returns to a page where the transaction is complete and an invoice is genrated, though the result is the same and the session is destroyed when returning from either payment gateway to the return url.
To fix this i was just going to expire the session after 1 hour of session inactivity. But i'm curios why the session would be destroyed only after returning from the payment gateway and not as soon as the page is opened after such period of inactivity?