Title: Session_ID Problem
Last modified: May 25, 2017

---

# Session_ID Problem

 *  Resolved [dfreeman33](https://wordpress.org/support/users/dfreeman33/)
 * (@dfreeman33)
 * [8 years, 11 months ago](https://wordpress.org/support/topic/session_id-problem/)
 * After updating to Memphis Docs 3.6.21 we started having problems with the sessions
   being duplicated among users.
 * The PHPSESSID cookie was being set to the same value for all users both authenticated
   and anonymous. This was causing issues in several areas of our site where we 
   use the session ID.
 * It appears that the 3.6.21 Memphis Docs is setting a MDOCS_SESSION_ID that is
   a hard coded (static) value. Somehow this MDOCS_SESSION_ID is making it’s way
   to the the PHPSESSID.
 * Any particular reason for this? I’ve had to disable the plugin for now until 
   we can get a fix in.

Viewing 10 replies - 1 through 10 (of 10 total)

 *  Plugin Author [bhaldie](https://wordpress.org/support/users/bhaldie/)
 * (@bhaldie)
 * [8 years, 11 months ago](https://wordpress.org/support/topic/session_id-problem/#post-9167146)
 * Im not sure how session data can be passed from one computer to an other, Session
   are cookie based per computer an unless you are sharing computers there shouldn’t
   be an issue.
 * That being said you can disable session from the setting menu if it does not 
   meet your sites requirements. It is not critical that session run with mdocs.
 *  Thread Starter [dfreeman33](https://wordpress.org/support/users/dfreeman33/)
 * (@dfreeman33)
 * [8 years, 11 months ago](https://wordpress.org/support/topic/session_id-problem/#post-9167323)
 * In the memphis-documents.php file on line 30 you hard coded a MDOCS_SESSION_ID
   to a static value. Then in the mdocs-functions.php you assignthe php variable“
   session_id” to the MDOCS_SESSION_ID.
 * On our website one of the issues it’s caused is that we have a session based 
   shopping cart that stores data in a table with the PHP session_id as one of the
   identifiers. When everyone is sharing the same session_id then everyone sees 
   the exact same contents of the cart.
    -  This reply was modified 8 years, 11 months ago by [dfreeman33](https://wordpress.org/support/users/dfreeman33/).
      Reason: spelling
 *  Plugin Author [bhaldie](https://wordpress.org/support/users/bhaldie/)
 * (@bhaldie)
 * [8 years, 11 months ago](https://wordpress.org/support/topic/session_id-problem/#post-9167336)
 * Did you try to disable session from the setting menu? Goto Options > Setting 
   > Disable Sessions this should to mdocs from creating session.
 *  Thread Starter [dfreeman33](https://wordpress.org/support/users/dfreeman33/)
 * (@dfreeman33)
 * [8 years, 11 months ago](https://wordpress.org/support/topic/session_id-problem/#post-9167347)
 * I guess my question is: Is there a reason you’re hard coding a static MDOCS_SESSION_ID
   instead of using a randomly generated?
 *  Thread Starter [dfreeman33](https://wordpress.org/support/users/dfreeman33/)
 * (@dfreeman33)
 * [8 years, 11 months ago](https://wordpress.org/support/topic/session_id-problem/#post-9167359)
 * I did disable sessions and that seems to have stopped the problem.
 *  Plugin Author [bhaldie](https://wordpress.org/support/users/bhaldie/)
 * (@bhaldie)
 * [8 years, 11 months ago](https://wordpress.org/support/topic/session_id-problem/#post-9167436)
 * My idea was to create a unique session specially for mdocs. I’m taking a look
   at my code right now I may have to end up just restoring the old way of doing
   things if it is causing issue.
 *  Thread Starter [dfreeman33](https://wordpress.org/support/users/dfreeman33/)
 * (@dfreeman33)
 * [8 years, 11 months ago](https://wordpress.org/support/topic/session_id-problem/#post-9167449)
 * Thanks for the quick responses!
 *  Plugin Author [bhaldie](https://wordpress.org/support/users/bhaldie/)
 * (@bhaldie)
 * [8 years, 11 months ago](https://wordpress.org/support/topic/session_id-problem/#post-9167458)
 * if you want the old code is still in the session function you could comment out
   the new code and uncomment out the old code to go back to how it was before version
   3.6.21
 * The file is mdocs-functions.php and the function is mdocs_nonce():
 *     ```
       if(get_option('mdocs-disable-sessions') == false) {
       		session_id(MDOCS_SESSION_ID);
       		session_start();
       		if(isset($_SESSION['mdocs-nonce'])) define('MDOCS_NONCE',$_SESSION['mdocs-nonce']);
       		if(!isset($_SESSION['mdocs-nonce']) || isset($_REQUEST['mdocs-nonce'])) $_SESSION['mdocs-nonce'] = md5(rand(0,1000000));
       		session_write_close();
       	} else {
       		define('MDOCS_NONCE', md5(rand(0,1000000)));
       		$_SESSION['mdocs-nonce'] = null;
       	}
       	/*
       	if(!session_id()) {
       		session_start();
       		//session_start([ 'mdocs-nonce' => md5(rand(0,1000000))]);
       	}
       	if(get_option('mdocs-disable-sessions') == false) {
       		if(isset($_SESSION['mdocs-nonce'])) define('MDOCS_NONCE',$_SESSION['mdocs-nonce']);
       		if(!isset($_SESSION['mdocs-nonce']) || isset($_REQUEST['mdocs-nonce'])) $_SESSION['mdocs-nonce'] = md5(rand(0,1000000));
       	} else {
       		define('MDOCS_NONCE', md5(rand(0,1000000)));
       		$_SESSION['mdocs-nonce'] = null;
       	}
       	*/
       ```
   
    -  This reply was modified 8 years, 11 months ago by [bhaldie](https://wordpress.org/support/users/bhaldie/).
 *  Thread Starter [dfreeman33](https://wordpress.org/support/users/dfreeman33/)
 * (@dfreeman33)
 * [8 years, 11 months ago](https://wordpress.org/support/topic/session_id-problem/#post-9167491)
 * I’m going to run it as is for now and just leave the sessions disabled in the
   settings to see how things run. Unless you think that’s a bad idea…
 *  Plugin Author [bhaldie](https://wordpress.org/support/users/bhaldie/)
 * (@bhaldie)
 * [8 years, 11 months ago](https://wordpress.org/support/topic/session_id-problem/#post-9167503)
 * You should be fine. The only reason session are using in mdocs is for admin functionality.
 * It only allows one button press for upload/delete/edit. Basically it doesn’t 
   allow admins to spam the upload button over and over again.

Viewing 10 replies - 1 through 10 (of 10 total)

The topic ‘Session_ID Problem’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/memphis-documents-library_91918f.
   svg)
 * [Memphis Documents Library](https://wordpress.org/plugins/memphis-documents-library/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/memphis-documents-library/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/memphis-documents-library/)
 * [Active Topics](https://wordpress.org/support/plugin/memphis-documents-library/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/memphis-documents-library/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/memphis-documents-library/reviews/)

 * 10 replies
 * 2 participants
 * Last reply from: [bhaldie](https://wordpress.org/support/users/bhaldie/)
 * Last activity: [8 years, 11 months ago](https://wordpress.org/support/topic/session_id-problem/#post-9167503)
 * Status: resolved