fix-magento-undefined-index-session_expire_timestamp/
Opened this issue · 8 comments
Fix Magento 1.9.3 ‘Notice: Undefined index: session_expire_timestamp in … on line 461’ | Tom Lankhorst
Some days ago the Magento security update SUPEE-8788 was released. This update fixes a number of critical vulnerabilities. To fix an existing shop one could either apply the SUPEE-patch or upgrade the shop to Magento 1.9.3. However, after updating I experienced a little issue when trying to reach the shop again. A PHP Exception popped up: Notice: Undefined index: session_expire_timestamp in /data/web/public/app/code/core/Mage/Core/Model/Session/Abstract/Varien.php on line 461 Even after flushing the cache this problem appears. The undefined index and path of the file that raises the exception gives away that this problem might have to with Magento’s session handling. I started with deleting any existing session cookies in my brows
https://tomlankhorst.nl/fix-magento-undefined-index-session_expire_timestamp/
Original author: mokadev @mokadev
Original date: 2016-10-17T10:41:12Z
Hi, this fix will destroy all the existing sessions, no?
Original date: 2016-10-17T10:48:39Z
The session will be invalidated because of missing expire timestamp. To solve this I will change the code such that an existing session will get an expire timestamp in the future.
Original date: 2016-10-17T20:02:39Z
Done, key will be set if not already and the (old) session is positively validated.
Original author: Digital Pianism @digitalpianism
Original date: 2016-10-18T08:28:17Z
Great job, I have added your fix to the 1.9.3.0 bug fixes repo: https://github.com/digitalp...
Original date: 2016-10-18T09:19:13Z
Nice, I will mention your repo.
Original author: Nicholas Yang @nicholasyang
Original date: 2016-11-08T20:35:38Z
Thanks for the post. It helped me track down a possibly related issue. Occasionally, my session file seems to get initialized with the value of current time, instead of (time() + cookie lifetime). The _validate() function keeps returning false in the noted block of code above, so I can't login until: 1) clearing that session file, 2) changing session_expire_timestamp in the session file itself, 3) commenting out the line that returns false for the supposed invalid session_expire_timestamp. Is there any reason the session data might receive the wrong value for session_expire_timestamp?
Original author: Chris Astley @chris_astley
Original date: 2016-11-10T13:59:14Z
I came across this issue but did a different fix to resolve my issue. In file app/code/core/Mage/Core/Model/Session/Abstract/Varien.php I changed this from line 35;
const VALIDATOR_SESSION_EXPIRE_TIMESTAMP = '_session_expire_timestamp';
to
const VALIDATOR_SESSION_EXPIRE_TIMESTAMP = 'session_expire_timestamp';
Just remove the underscore and it works fine.
Original author: Nicholas Yang @nicholasyang
Original date: 2016-11-11T17:30:41Z
My Varien.php file already has the const without the underscore. I did an upgrade in Magento Connect from 1.9.2.4 -> 1.9.3.0.