session_start() in PHP 4

Question

I always think that I am the unluckiest guy, because I have to maintain very horrible code written by some one else. But after going through some of the forums, I realized I am not alone.

This code was written before I started working here, now I am maintaining it. I always keep asking that we should allocate time to rewrite the code, but no one cares.

The question I am about to ask, you can comment that it is absolutely horrible, but rewriting the whole code is not an option.

Here is the scenario.

The whole website is written in PHP 4 (60% of website is in index.php, don't know why), so every now and then there is session_start(). Due to that, the session gets reset very frequently and it used to log out the user. I went ahead and commented out session_start(). It stopped logging out the user when he is in the website. Now there are some new issues.

Did I do something wrong by commenting the session_start()?

EDIT: I saw documentation about session_start, may be I did not add some additional information in question. I did google search "session size limit PHP" the following is the link. stackoverflow.com/questions/217420/ideal-php-session-size. So what happens if there is too much data in the session? – user110093

Answer 1

From the php documentation

session_start() creates a session or resumes the current one based on a session identifier passed via a GET or POST request, or passed via a cookie.

So what you are describing in the following should not be happening:

so every now and then there is session_start(). Due to that the session gets reset very frequently and it used to log out the user.

If I were you, I would delve deeper and find out the reason why sessions are reset. session_start() should not be the root of this problem.