I am not able to get the php session working on http. I tried the same simple test page on another domain on the server which uses https and it worked as expected. Here is the simple code I am using
session_start();
echo session_id();
When I refresh the page I get a new session_id each time.
I've set session.cookie_secure to 0 and 1 but it made no difference. I have no clue why this is not working??? Any ideas?
Related
I'm using Apache 2.4.41 with PHP 7.4.3.
I've this script that write a session
<?php
// uno.php
session_start();
$_SESSION['chiave'] = 'TEST';
echo session_save_path();
?>
Due
When i click to Due link
<?php
// due.php
session_start();
print_r($_SESSION);
?>
I get that $_SESSION is empty.
Session.save_path is writeable and i see session file.
I see in firefox debug the messagge
Cookie PHPSESSID has been rejected because a non-HTTPS cookie can't be set as secure.
How can i solve this problem?
Thanks
Thanks
You have two options
Be secure
Use HTTPS instead of plain HTTP
Be insecure and tell PHP you don't care.
Keep using HTTP and change the session.cookie_secure option to off (which is its default value but one that must have been changed on your server).
I use ngrok to tunnel localhost to a web address
./ngrok http 80
I use only custom PHP code. Last time I tested it was working ok. Now, I can't login because it seems my PHP resets the data stored in session every 5 or so requests.
When I say reset I mean that my code calls session_id() does not get it and resets that valuable session data including internal captcha code! At the end captcha comparison fails!
Everything works fine at localhost though!
I reset session.cookie_domain with ini_set() setting the ngrok url.
Any ideas?
At last I found it: for a address xxx.ngrok.io just set php session cookie for domain .xxx.ngrok.io and do not include http.
I've got a problem with my Session in PHP, if I refresh my page it set a new session_id each time.
I use the PHP built in server and PHP 7.1 and nothing more than that :
<?php
session_start();
echo session_id();
Each refresh give me a new Session Id. Each ? Not really in fact, if I refresh super quickly I have the same session id for 1 or 2 seconds.
I don't know where to look, my php.ini seems correct, my code too I believe.
My folder to register session is 777.
Where could I look or what test could I do ?
Edit : I don't know why but changing localhost to 127.0.0.1 in the built in server solved the issue
I don't know why but changing localhost to 127.0.0.1 in the built in server solved the issue.
I recently moved to a new DigitalOcean VPS server, and I'm running Ubuntu 14.04 and Apache. This is the first time I set up my own server. I imported my website into the new server. Everything seems to be working but the logout script where I basically unset and destroy the session. For some reason, this doesn't seem to be working anymore.
Here's the code for my logout script
<?PHP
session_start();
session_unset();
session_write_close();
session_destroy();
session_start();
$_SESSION = array();
$_SESSION['logged_out'] = 1;
header ("Location:index.php");
?>
When the page is redirected, the user is still logged in and the session cookie is still set.
I remember having the same problem as you.
Try to delete your SESSION using : unset($_SESSION['session_you_need_to_destroy']);
I guess if you destroy only one session, you member will be log off.
Hope it's work for you :)
Just for anyone else's future reference, I solved the problem. The URL for the login script was http://website.com (without the www) and the rest of my site used http://www.website.com (with the www).
I was working on a webpage and it was working all fine until I tried to send it to my paid web hosting service. It is the first time I try to use SESSIONs in this new remote server.
My application stopped working and I thought there was something wrong with the API I use. After a long attempt to fix this problem, I tried to var_dump() the SESSION array. It was empty. But only with AJAX requests. If I access it directly via browser it works great, but with AJAX it fails. I turned sessions on with the session_start() function.
So I bet it's some problem with my PHP.ini or any configuration in the Apache running on my remote web server.
Do you guys know how to solve it? Can it be a problem with the script I am using to send the requests? It works fine on localhost
#edit
testing.php
session_start();
echo session_id();
$_SESSION['testing'] = 'some_stuff';
server.php
session_start();
echo session_id();
echo 'testing is '.$_SESSION['testing'];