I have cpanel based centos server.
I am facing issue of session variable not available through out the pages.
I checked all server setting but unable to get idea what i missed out.
<?php
session_start();
// index.php
echo "session id = " .session_id();
$_SESSION["username"] = "Niraj";
echo '<br />Lets see if session available in page 2 -> page 2';
if (!is_writable(session_save_path())) {
echo '<br><br><br><br>Session path "'.session_save_path().'" is not writable for PHP!';
}
else
{
echo '<br><br><br><br>Session path "'.session_save_path().'" is writable for PHP!';
}
?>
Output of above index.php as under:
session id = 5f59e48f328ef72fda877c8a9f7a07ca
Lets see if session available in page 2 -> page 2
Session path "/var/tmp" is writable for PHP!
If i refresh page, than session id remain same.
Code of page2.php as under:
<?php
session_start();
//page2.php
echo "session id = " .session_id();
echo "<br> Username = " . $_SESSION["username"];
?>
Output of page2.php as under:
session id =d99088ca0027a483301746e02282662c
Username =
Problem is Username doesn't output any session value. Temporary directory is writable and browser support cookies.
I marked that when click on page2.php, it will shows new value in session id, is it okay or session id should remain same across all pages?
I tried everything and put lots of effords since last 2 days,
same code working fine with other windows server and session id remain same until i close browser.
Thanks
session_id() must remain the same for you to query data which was set to that session id. The session id (dependent on lifetime value) will stay with you until the browser closes. I suspect that your browser is blocking session cookies which is causing PHP to regenerate a new ID each time the page loads. Download a new browser which you havent used before and test the theory and let me know how you get on.
You can check the global session cookie values and see what the lifetime is set to if you wish but I bet its the browser (0 == Lifetime -> until browser closes).
var_dump(session_get_cookie_params());
http://php.net/manual/en/function.session-get-cookie-params.php
Also....
You could just disable any plugins you have especially ones which stop ad's like Adblocker etc...
Have you seen anything strange occurring to the session files in /var/tmp? Could the server be deleting them?
MediaTemple Grid servers seem to have issues with sessions when they save to the tmp folder. I understand you may not be using MediaTemple, but their DV servers run CentOS so it could have something to do with the OS.
https://mediatemple.net/community/products/grid/204643480/why-am-i-experiencing-session-errors
The symptom of interest they list is "General problems with sessions not seeming to be carried across web requests." Their solution is to get session files out of the tmp folder and store them somewhere else by setting session.save_path in php.ini and restarting apache.
Related
PHP 7.1.7 on Windows Server 2008 Enterprise
... I noticed there were 5 other questions here just like this with no answer. I'm getting frustrated trying to do something that's always been so easy to accomplish in other languages for me. I just want to set a session variable and then read it on another page after a redirect. That should be simple basic functionality and I do not get why I've been sitting here for 2 hours trying everything I can think of and I still can't figure it out.
Each page of my application starts with: session_start();
I have a form edit processing page I'm starting with, where on a successful edit, the user is redirected back to the index page. Before the redirect, I'm setting a session variable ('success'). At this point, the session variable is set. If I comment out the header and exit() lines and echo the session["success"] variable.
$_SESSION["success"] = "The record was inserted successfully.";
header( 'Location: index.php');
exit();
}
Register Globals does not exist in my PHP.ini file (register_globals). I tried adding "register_globals=0;" to the PHP.ini file and restarting the server but I still doid not see a "register_globals" listing on the PHP info page.
No matter what I have tried, after the redirect to the index.php page, that session variable does not exist after the redirect ($_SESSION["success"]). I'm staying inside the same domain (same folder on the server really)
After setting the session variable ('success') and proving that it is set by echoing it on the edit proccessing page followed by an exit, I can not figure out how to get the session variable to persist after a redirect or page change:
If I try and echo that 'success' session variable after a redirect, I get this:
Notice: Undefined index: success
I'm not understanding why this is so difficult? What else could I try?
Thanks for any help.
Test whether the session cookie is set properly.
$_SESSION["success"] = "The record was inserted successfully.";
// header( 'Location: index.php');
echo session_name() .': '.session_id(); // print session cookie name & value
echo '<pre>' . print_r(session_get_cookie_params() ) . '</pre>';
exit();
What do you see? Open your browser's dev tools and look at cookies set when the server echoes the info above. If there is no cookie with the name (typically PHPSESSID) and session ID value above, then either your browser is not accepting cookies or the server isn't setting them. Either one will break cookie-based sessions.
If these seem to work ok, then re-establish your redirect. On the next page (index.php in your example), take a look at which cookies are received:
// Notice: this won't work on the page setting the cookie.
// Cookie should show up on the next page
echo '<pre>' . print_r($_COOKIE) . '</pre>';
Does the session id cookie exist?
If all this works, I would then look at whether PHP is actually storing session files properly. Session data is serialized and saved to files in a folder on the server's hard drive. Take a look at your php.ini, where you should see something like:
session.save_handler = files
session.use_cookies = 1
; where on server the files should be stored. the folder should be
; readable/writeable to the PHP process. Maybe '/tmp'?
session.save_path =
If you edit your php.ini, remember to restart the server.
Update
From your comments, everything seems to be setup correctly. Remove all other code. and just have this:
page1.php
<?php
session_start();
$_SESSION = []; //start with an empty array
$_SESSION['success']= 'record saved';
$_SESSION['id'] = session_id();
header('Location: index.php');
exit;
index.php
<?php
session_start();
var_dump($_SESSION);
if(isset($_SESSION, $_SESSION['id'])):
echo 'Session ids ' . ($_SESSION['id']===session_id()? 'match' : 'do not match');
endif;
What gets var-dumped in index.php after you get redirected from page1.php?
im having an issue with sessions, my sessions are not persistent because the session id keeps changing every time i refresh or change the page.
i've tried adding an dummy session (ze) after the session start to prevent it but the session id keeps changing, weirdly enough, it works fine and doesn't change on chrome, this issue only happens with the other browsers.
the session_save_path() is writable, i tested with
if ( !is_writable(session_save_path()) ) {
echo 'Session save path "'.session_save_path().'" is not writable!';
}
my server isn't local and the php version is 5.3.5
session_start();
$_SESSION["ze"] = "lalal";
My PHP sessions are being created but $_SESSION variables are not being written to the session file.
I have three test PHP pages here that I'm using to diagnose this problem:
test_a.html:
<html>
<body>
<form action='test_b.php' method='post'>
Put something here:
<input type='text' name='saveme' />
<input type='submit' value='Go!' />
</form>
</body>
</html>
test_b.php:
<?php
session_start();
$_SESSION['saveme']=$_POST['saveme'];
echo "Here's what you wrote:<br>".$_SESSION['saveme']."<br>".
"<a href='test_c.php'>Take me to the final check</a><br>";
echo "And here's your session_id: ".session_id();
session_write_close();
?>
test_c.php:
<?php
session_start();
echo "Here's what you wrote (maybe?):<br>".$_SESSION['saveme']."<br>".
"You should also see saveme below:<br>";
foreach ($_SESSION as $key=>$val)
echo $key." ".$val."<br>";
echo "And here's your session_id: ".session_id();
?>
When opening test_a.html and typing in anything to the textbox and hitting Go!, it will show up correctly on test_b.php (when it is set and recalled from memory) but it is not shown on test_c.php.
The session_id is set and shows to be the same. The cookie is stored correctly. The session file is created correctly in the filesystem, but is not written to and remains a zero-byte file.
Sessions are now not being written on any pages of my site (despite working for well over a year up to this point) so typos in these code snippets (if any) are likely irrelevant.
Things I've checked:
The session storage directory is writeable and the disk has plenty of storage
session_start is always successful (and there is nothing before it)
The session_id is created correctly and is the same on both pages
The session cookie is created with the correct session_id
session.use_cookies and session.use_only_cookies are on
Register globals is off
Cookies are enabled
Cleared the /tmp directory to reduce possibility of filesystem issues
Tried storing the session data in memory (didn't work)
Tried changing the session file location (didn't work)
Tested on Chrome & Firefox
Ideas?
Your session storage directory may be writable but the file is not. Try setting the rights to 0666 on the session file and check if this fixes the problem. It's something like one process is creating the file and the very next is not able to write it. What's the owner of the file at creation time? Check if it's www-data or whatever runs your php.
PHP session keys are separated by the pipe character | so | in key name will break you session. Maybe this is the problem.
Check this:
enter link description here
I am setting user id to the session on login in my website.On echoing the session variable soon after being set, it is displayed.But after that iam redirecting this to another page where session is strated and then checked for the session.But it displays error message that undefined index user_id.This code is working in localhost,was working in server also.But now it displays error.Unable to login to the website due to the problem in setting session.
$_SESSION['user_id'] = $user_id;
header('location:home.php');
In home.php
include('session.php');
in session.php
session_save_path('include/session_store');
session_start();
if(!(isset($_SESSION['user_id'])))
{
header('location:signin.php');
}
On advise from fellow stackoverflow users ,I tried this.Created a test.php file.
session_save_path('include/session_store');
session_start();
$_SESSION['yahoo'] = 'yahoo';
header('location:test2.php');
in test2.php
session_save_path('include/session_store');
session_start();
echo $_SESSION['yahoo'];
Now in localhost yahoo is printed.But in server, blank screen is displayed.The session_store folder contain some 0kb files also.
make sure yout do session_save_path('include/session_store');
session_start(); on signin.php and also make sure include/session_store is writable
you said its working on,localhost, then definitely problem is include/session_store is not writable.
Do you have right permissions on include/session_store ? It has to be 777.
You may print echo session_save_path() to ensure that the option is setted.
And at last, without changing the save_path the session works correctly? Your server may have some redirecting rules (mod_proxy) that could have repercussion on your session.
If you have php 5.4 you could try to print session_status()
http://www.php.net/manual/it/function.session-status.php
Problem could be from the path where the session is stored
On your Web hosting file manager set the session path to /tmp/
If there's no folder called tmp then create it
I was working in a project where another developer wrote the code,while a user is login the session_start() as usual and then he is cheking like belows:
if($a['userName'] == $username && $a['password'] == $pwd)
{
$_SESSION['id'] = $a['id']; ?> <script language="javascript"type="text/javascript">window.location="host.php";</script> } else {
$msg= "Invalid Username Password";
}
And when a user want to use the form after couple of seconds its logout and user can not submit data.
I have tried increasing session life time duration:
$sessionCookieExpireTime=8*60*60;
session_set_cookie_params($sessionCookieExpireTime);
And also tried with increasing session lifetime in runtime like below:
ini_set('session.gc_maxlifetime', '3600');
And finally tried by increasing php.ini session lifetime .
Unfortunately those did not work.
One thing I should mention that,there is no session_destroy() for logout issues.
Thanks in advance.
What kind of server are you working on?
On a shared server that runs multiple sites that use a shared session directory the session.gc_maxlifetime is in effect the shortest lifetime of all sites accessing that shared directory.
If the problem is on a development server, find out where the session files are stored and look at what happens to them.
It is also possible that the directory where the sessions are stored is not writeable. In that case the session variable is never stored in the first place.
In all three cases: try to store the session files in a different directory. In code you have to set the session directory with session_save_path() before you call session_start().
The timeout occurs when user idle activity for certain time. There is no way to logout automatically unless using session_destroy.
It may be possible that your code
$a['id'];
returns null by chance.
Also, you need to checkout which page is getting logged out.
Giving the full code may be easy to identify the issue.