I use ngrok to tunnel localhost to a web address
./ngrok http 80
I use only custom PHP code. Last time I tested it was working ok. Now, I can't login because it seems my PHP resets the data stored in session every 5 or so requests.
When I say reset I mean that my code calls session_id() does not get it and resets that valuable session data including internal captcha code! At the end captcha comparison fails!
Everything works fine at localhost though!
I reset session.cookie_domain with ini_set() setting the ngrok url.
Any ideas?
At last I found it: for a address xxx.ngrok.io just set php session cookie for domain .xxx.ngrok.io and do not include http.
Related
I am not able to get the php session working on http. I tried the same simple test page on another domain on the server which uses https and it worked as expected. Here is the simple code I am using
session_start();
echo session_id();
When I refresh the page I get a new session_id each time.
I've set session.cookie_secure to 0 and 1 but it made no difference. I have no clue why this is not working??? Any ideas?
I've got a problem with my Session in PHP, if I refresh my page it set a new session_id each time.
I use the PHP built in server and PHP 7.1 and nothing more than that :
<?php
session_start();
echo session_id();
Each refresh give me a new Session Id. Each ? Not really in fact, if I refresh super quickly I have the same session id for 1 or 2 seconds.
I don't know where to look, my php.ini seems correct, my code too I believe.
My folder to register session is 777.
Where could I look or what test could I do ?
Edit : I don't know why but changing localhost to 127.0.0.1 in the built in server solved the issue
I don't know why but changing localhost to 127.0.0.1 in the built in server solved the issue.
The cookie is not deleting on my Debian apache server but deleting fine on my local xampp.
Here is the code i used for setting cookie
$token = substr(hash('sha512', mt_rand() . microtime()), 0, 50);
$extime = time()+86500;
$url_parts = parse_url(current_url());
$domain = str_replace('www.', '', $url_parts['host']);
// set cookie
setcookie('rememberme',$token,$extime,"/",$domain);
This code works on the server and rememberme cookie is created on the server.
Here is the code I used for deleting it
// Delete Cookie
setcookie('rememberme',"",0,"/");
The above code work fine on local but not working on my server.
I hosted the test application as subdomain with url like http://example.com/myproject and $domain give value .example.com
If someone knows why it not working properly on server please help me.
As per my comment: (and add the domain as an argument).
setcookie('rememberme',"",0,"/",$domain);
Many a times, it needs the domain.
From the manual on cookies: http://php.net/manual/en/function.setcookie.php and from User Contributed Notes:
"if you are having problems seeing cookies sometimes or deleting cookies sometimes, despite following the advice below, make sure you are setting the cookie with the domain argument. Set it with the dot before the domain as the examples show: ".example.com". I wasn't specifying the domain, and finally realized I was setting the cookie when the browser url had the http://www.example.com and later trying to delete it when the url didn't have the www. ie. http://example.com. This also caused the page to be unable to find the cookie when the www. wasn't in the domain. (When you add the domain argument to the setcookie code that creates the cookie, make sure you also add it to the code that deletes the cookie.)"
I was working on a webpage and it was working all fine until I tried to send it to my paid web hosting service. It is the first time I try to use SESSIONs in this new remote server.
My application stopped working and I thought there was something wrong with the API I use. After a long attempt to fix this problem, I tried to var_dump() the SESSION array. It was empty. But only with AJAX requests. If I access it directly via browser it works great, but with AJAX it fails. I turned sessions on with the session_start() function.
So I bet it's some problem with my PHP.ini or any configuration in the Apache running on my remote web server.
Do you guys know how to solve it? Can it be a problem with the script I am using to send the requests? It works fine on localhost
#edit
testing.php
session_start();
echo session_id();
$_SESSION['testing'] = 'some_stuff';
server.php
session_start();
echo session_id();
echo 'testing is '.$_SESSION['testing'];
I've got the weirdest problem with Cookies. I've written some PHP script that uses tokens to identify the visitor so that "he/she" can use the website correctly.
The Token system is working perfectly on the local development machine (windoze+ZendApache) and doesn't work on the production server, which is on Bluehost.
I use "/" for path and "mydomain.com" for the domain when setting the cookie with an expiry of 60 days. I can see the cookies on the browser correctly and I can confirm that the values are set correctly when compared to the values in the database.
Every time the page gets refreshed the server doesn't get the cookie and creates a new token and sends it back to the browser and is creating a new record in the database again. The new cookie matches the latest record again, but next time I refresh, same thing all over again. Can't maintain the token, so navigating the site is impossible.
Any idea why this is happening? Is it possible that I've missed some setting?
I've tested it on latest Firefox, Opera, Safari and Chrome.
Thanks.
EDIT:
It is a PHP & Bluehost related issue, I was storing 3, 40-character strings on the value of the cookie in serialized format. The unserialize() function wasn't executing for some reason on Bluehost but was running fine on my dev machine. So I changed the stored value to 40chars.40chars.40chars and exploded the value with the delimiter "." to get the 3 strings.
Thanks again.
you should use
.mydomain.com
instead of
mydomain.com
for example:
setcookie("MyCookie", $value, time()+60*24*3600, "/", ".mydomain.com", 1);