
PHP sessions unchecked when rapid navigation occurs


I have a session formed the following way:

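    function sec_session_start() {
        $session_name = 'primary_session';
        $secure = false;   // cookie is also sent over plain HTTP
        $httponly = true;  // cookie is not readable from JavaScript
        // Accept the session ID from cookies only, never from the URL.
        if (ini_set('session.use_only_cookies', 1) === FALSE) {
            header("Location: /error?e=1");
            exit();
        }
        $cookieParams = session_get_cookie_params();
        // One-hour cookie lifetime; path and domain are kept from the defaults.
        session_set_cookie_params(3600, $cookieParams["path"], $cookieParams["domain"], $secure, $httponly);
        session_name($session_name);
        session_start();
        // Issues a new session ID on every request and deletes the old session data.
        session_regenerate_id(true);
    }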

I use this on all my pages by adding sec_session_start(); on my index page, which requires the correct files depending on what page I am accessing.

It works perfectly fine with slow navigation.

However, when rapid navigational clicks occur, for some reason it is unchecked, and the user is logged out. How come?

This is the button I press rapidly. NOTE: It also changes the page from www.example.com to www.example.com/users, and then just repeats www.example.com/users until session is broken.

User Logged In

And this is the result after about, 2-3 rapid clicks. Works fine when pressed 1-2 times a second, max.

User logged out

I have tried not using it as a function, and putting it at the absolute TOP of the page without success.


Solution

  • The error seems to be session_regenerate_id(true).

    This command generates a new session id. The parameter will delete the old session file if it is set to true. In this code it is set to true, so the session is created and started and then directly closed and deleted.

    I think it appears only a few times because the command is called after session_start() was called and the output already started.

    Try changing the parameter to false. For the right use of session_regenerate() look into this question.
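
One way to apply the suggestion above, as an added example (not code from the question or the answer): the ID is rotated at an interval with the old session kept, so a request still in flight with the old cookie finds its data, and the deleting form is reserved for login. The names REGEN_INTERVAL, last_regen, user_id and on_login() are hypothetical.

```php
<?php
// Added example; REGEN_INTERVAL, 'last_regen', 'user_id' and on_login() are assumed names.
const REGEN_INTERVAL = 300; // seconds between ID rotations (assumed value)

function sec_session_start(): void
{
    if (ini_set('session.use_only_cookies', '1') === false) {
        header('Location: /error?e=1');
        exit();
    }
    $p = session_get_cookie_params();
    // $secure is false as in the question; set it to true when the site is served over HTTPS.
    session_set_cookie_params(3600, $p['path'], $p['domain'], false, true);
    session_name('primary_session');
    session_start();

    $now = time();
    if (!isset($_SESSION['last_regen'])) {
        // First request of this session: start the rotation clock.
        $_SESSION['last_regen'] = $now;
    } elseif ($now - $_SESSION['last_regen'] >= REGEN_INTERVAL) {
        // Store the new timestamp first so it is saved with the old session too;
        // parallel requests holding the old cookie then do not rotate again.
        $_SESSION['last_regen'] = $now;
        // false keeps the old session data, so a rapid second click that still
        // carries the old ID loads the logged-in state instead of an empty session.
        session_regenerate_id(false);
    }
}

function on_login(int $userId): void
{
    // Privilege change: issue a fresh ID and discard the pre-login session
    // so an ID known before authentication cannot be reused.
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
    $_SESSION['last_regen'] = time();
}
```

With the parameter set to false, the old session stays readable until PHP's session garbage collection removes it, so the interval and session.gc_maxlifetime together bound how long a previous ID remains usable.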