I have a very strange problem. I am using this simple code:
<?php
session_start();
if(isset($_SESSION['test'])) {
echo $_SESSION['test']."<br>session:".session_id();
}
else {
echo "<h1>Session inexistante. Crée</h1>";
$_SESSION['test']=2;
}
?>
1- I delete all cookies, session, cache...
2 - I go to my page and get the message "Session inexistante. Crée" (meaning "Session does not exist. Created"). This is normal
3 - I update this page, and I still get the message "Session inexistante. Crée". This is not normal !
4 - I update again and the session works correctly
Here are screenshots with the detail of HTTP requests
- We see that on the first loading the session does not exist and is requested by Chrome
- On the second loading Chrome makes a correct request giving the PHPSESSID, the response is correct because it does not contains an other PHPSESSID so it seems PHP is happy with this PHPSESSID. But the message displayed is still "Session inexistante. Crée" !
- We see on the third loading that the session ID given by PHP during the first load of the page was correct. So why it has not been recognised on the second loading?
I am using Php5.6 on a shared server.
This issue is rather random. I have no difficulty to reproduce it even if somethimes everything works well. Sometimes the issue is on the third loading.
This issue is more general on my website. Many users with many browsers have a similar issues.
There is a similar problem here: but as you see I have no 404 error or 302 redirect.
Thank you for your help !
Related
This question already has answers here:
Force users to access website from the homepage
(4 answers)
Closed 11 months ago.
I've been tasked to make a new login page that forces clients to touch the home page first each time they visit. It was recommended to me to try out HTTP_REFERER, to check where the client was coming from. My first pass on the page looked something like this...
<body>
<?PHP
if($_SERVER['HTTP_REFERER'] != "https://www.homepage.com/"){
header('Location: https://www.homepage.com/');
exit;
} else { ?>
//html code for login page
</body>
<?PHP } ?>
The issue I keep running into, is that... when clicking the 'login' button on the home page to enter this new login page, the new login page will seemingly run the header portion of code, and boot back to the homepage on each FIRST attempted. Clicking 'login' button a second time on the homepage won't boot back, and will instead load the page as expected. If I clear the site data from my browser (Chrome), and click login, it will boot back the first time again.
Since it didn't seem to effect people using Safari, I speculated that maybe it's Chrome loading the page before the HTTP_REFERER was setup. So I included a line of sleep(3);. This didn't help at all.
I then speculated that maybe it's HTTP_REFERER's fault, and I have since switched over to using a SESSION variable instead for the job. No good, same issue.
The last thing I tried was reorganizing the if statement to have the fail state second in order on the page. Perhaps as expected, this didn't matter either.
I feel like I must be missing something, and would appreciate any insight. Thank You.
Referer is not a safe option for testing. If the first_login session is not assigned and the requested page is not the homepage, the code below sets a cookie named first_login and redirects to the homepage.
This process is valid as long as the browser session exists.
<?php
ob_start();
session_start();
if(!isset($_SESSION['first_login']) and $_SERVER['SCRIPT_URI']!='https://www.homepage.com/')
{
$_SESSION['first_login'] = 'success';
header('Location: https://www.homepage.com/');
exit;
}
?>
Im having a strange problem.
I have a subdomain where a customer comes in with a specific URL
When the customer is recognized I set a cookie and redirect them to the main domain.
there I check for this cookie to hide some elements.
This is working great in Chrome, Firefox and even Edge on Microsoft, but not in IE11 and chrome on Apple machines.
When I type document.cookie in the IE console, I can see the cookie.
I display a cookie found message in the console which I can see in chrome etc. but not in IE.
So it looks like IE can't find the cookie, while it is actually there.
Is there someone who can explain this behaviour?
I finally found the problem.
When checking for the existence of the cookie, at first I used this line of jQuery code.
if (document.cookie.split(';').filter((item) => item.includes('cookiename=')).length) {
console.log('cookie found');
}
I briefly saw an error message in IE that pointed to this line of code.
so, I changed it to the, btw much easier, line
if (document.cookie.indexOf("cookiename=") != -1) {
console.log('cookie found');
}
which IE has no problem with.
I've a strange problem with header() redirects.
There are three pages involved: upload.php (for choosing the file, POST form), doupload.php (add file to server, write to DB etc.) and target.php (doupload.php redirects to that page after successful upload).
My code on doupload.php at the end (the redirecting part):
$id = 5;
header("Location: https://www.mypage.com/target.php?id=".$id."&secondvar=1");
exit();
On normal circumstances it works without problems. But sometimes the connection to my webserver lacks (bad connection) and it needs 5 up to 20 seconds to complete the request.
In this case, all GET variables after 'id=5' are gone.
Example: Should be redirected to
/target.php?id=5&secondvar=1
but it's redirected to
/target.php?id=5
without the rest.
I'm using Cloudflare. Maybe there is a session problem in this cases?
I could add session_start(); to each page, but I don't think that's the problem, because on normal circumstances it works.
I'm very thankful for every help to fix that strange issue.
I have the following Ajax logon script. index.php will set a session and then return something like {"status":true,"msgs":[],"url":"\/demo\/administrator\/index.php"}if the username and password checks out. The page then should reload, the PHP script will check if the session is set, and if so, will display the appropriate page.
"Sometimes" with FireFox 21.0 running on Windows 7, the page appears to reload, but then incorrectly re-displays the logon page. When I say "appears to reload", when using FireBug, I see the POST to the server, I then see the console.log "reload page" for a brief amount of time, and then the logon page is displayed. If I then manually reload the page, the session checks out, and the correct page is returned.
To troubleshoot, I put some syslog(LOG_INFO,"got here!"); in my PHP script, and I see it never got accessed a second time, thus my believe the server isn't getting hit after the reload. I've also checked the Apache access log, and I believe it only sees the first POST.
Can anyone let me know what is happening, and how to remedy it? Thank you
$.post('index.php',{task:'logon',username:username,password:password},
function (data)
{
if(data.status==true){
console.log('reload page');
//window.location.href = data.url;
window.location.href = window.location.href;
//window.location.reload();
}
else {msgs.html("<ul>"+mkList(data.msgs)+"</ul>");}
},'json'
);
This answer was really provided by Brian Lacy and user1600124, but they only left comments and didn't post this answer. So, please vote their comments up if you think this is a good answer.
Use window.location.reload(true) to submit data to server
If you don't explicitly tell the browser not to cache pages in the headers.. some browsers will still cache dynamic pages because the parameter that you send is the same.
As an alternate solution, you can append a timestamp to the url that would force browser to get content from server again.
also setting the pragma "no-cache" header for your page could help.
http://en.wikipedia.org/wiki/List_of_HTTP_header_fields#Avoiding_caching
Basic situation and basic relevant info:
I have a php code that executes before the opening <doctype> tag. The hope was to (if necessary) send a redirect based on user's browser's language preferences before anything else loads.
The script attempts to do two things based on highest supported language preference:
Use php: setcookie() to create a cookie with the two-letter language code.
Example cookie name = value: x_language = es
Use php: header("Location: " . $requestedSite); to redirect to a subdomain,
Example domain: es.domain.com
Example:
if (isset($_COOKIE['x_language'])) {
-Determine correct subdomain based on cookie value-
-If not currently on that subdomain, redirect to it-
} else {
setcookie('x_language','es',time() + 31536000 ,'/','.domain.com' );
header("Location: " . $requestedSite);
}
The problem:
Firefox works perfectly. Chrome (and other browsers) fail to recognize the cookies at all.
I've boiled it down to this:
print_r($_COOKIE) works properly in Firefox, and returns a lovely, populated array.
print_r($_COOKIE) fails in Chrome, and returns an empty array.
This is the core of the problem, my function doesn't recognize the existence of a cookie because Chrome doesn't.
I've made sure every browser accepts cookies.
I've checked dev tools to make sure the cookie is in place on all browsers, (it is).
I realize a cookie's value isn't available until the next page load, but that isn't an issue here. Even after it is set, it won't read.
There is no output above the initial setcookie();
So how do I get Chrome (and other browsers) to recognize its own cookies?! Does anyone know why this would all work flawlessly on Firefox but fail elsewhere?
On a lark I decided to try this. I created a file that only contains:
<?php
print_r($_COOKIE);
?>
Again, I see the cookie array in Firefox. Meanwhile, in Chrome, IE, Opera, Safari, I get an empty array. Could this be a server issue?
OP returns with answer:
Alright, I'm adding this as an 'Answer' in case anyone else comes across this (totally bizarre) behavior and lands here:
It turns out my hosting provider was doing some seriously aggressive caching with my WordPress site that I was unaware of.
At the time I posted my question, I didn't think being on WordPress was relevant, but apparently it was.
Basically it was doing this:
With a clean Cache:
Visitor 1 visits the site.
The php processes and produces output as expected.
Visitor 1 is served php output (based on his browser's parameters and such).
Visitor 2 visits the site. Visitor 2 sees *Visitor 1's version of the site.
The php is processed once and only once per Cache-clear.
This caching behavior meant that accessing cookies through php was simply not going to work right, but accessing them with Javascript WOULD work.
(Important note: It turns out the above-stated caching behavior is disabled for any user viewing the site while logged into wordpress, and this is common behavior for WordPress Cache plugins. That is why I was seeing different behavior in Firefox than I saw in other browsers, because I was actively logged in with Firefox. This could be a helpful piece of information for someone out there.)
My solution:
Use Javascript to run an AJAX query to a .php file which would process the language preferences of the visitor and return the output as a 2-character code, (i.e. 'en' 'es' 'pt' 'de', etc).
Using AJAX to call php allowed me to use php's server-side access to a browser's language preferences while circumventing the super-agro caching of my host.
I hope this helps someone! And thanks to everyone who tried to help me out with this.
I was not having this problem with the code below. I was able to go to example.com and be redirected immediately to en.example.com and see the cookie in $_COOKIES. If I used en.example.com?set=fr I would be redirected to fr.example.com every time I tried example.com. Hopes this is what you were looking for!
<?php
print_r($_COOKIE);
if(isset($_GET['nuke'])) {
setcookie('x_language','',time()-1000,'/','.example.com');
echo 'It has been nuked!';
exit;
} else if(isset($_GET['set'])) {
setcookie('x_language',$_GET['set'],time() + 31536000, '/','.example.com');
$_COOKIE['x_language'] = $_GET['set'];
}
if (isset($_COOKIE['x_language'])) {
$redirect = $_COOKIE['x_language'].'.example.com';
if($_SERVER['HTTP_HOST'] != $redirect)
header('Location: http://'.$redirect);
} else {
setcookie('x_language','en',time() + 31536000,'/','.example.com');
$redirect = 'http://en.example.com';
header('Location: '.$redirect);
}
echo '<br />Cookie: '.$_COOKIE['x_language'].' Domain: '.$_SERVER["HTTP_HOST"];
?>