I recently moved to a new DigitalOcean VPS server, and I'm running Ubuntu 14.04 and Apache. This is the first time I set up my own server. I imported my website into the new server. Everything seems to be working but the logout script where I basically unset and destroy the session. For some reason, this doesn't seem to be working anymore.
Here's the code for my logout script
<?PHP
session_start();
session_unset();
session_write_close();
session_destroy();
session_start();
$_SESSION = array();
$_SESSION['logged_out'] = 1;
header ("Location:index.php");
?>
When the page is redirected, the user is still logged in and the session cookie is still set.
I remember having the same problem as you.
Try to delete your SESSION using : unset($_SESSION['session_you_need_to_destroy']);
I guess if you destroy only one session, you member will be log off.
Hope it's work for you :)
Just for anyone else's future reference, I solved the problem. The URL for the login script was http://website.com (without the www) and the rest of my site used http://www.website.com (with the www).
Related
I have already seen this identical opposite question and its OP code sample seems perfectly fine to me. I've also read (including PHP docs) that session can be checked with session_status() on PHP >= 5.4 and it should be fine to do so before calling session_start() to determine if it already exists.
Now, I'm using PHP 5.4.16 on a CentOS 7.10 machine and the session_status() always returns 1 (PHP_SESSION_NONE) for me, only when I reload the page with this example:
<?php
$status = session_status();
session_start();
echo "The session status is : $status";
I expect it returns PHP_SESSION_ACTIVE (2) when I reload page (and I'm not forcing-reload with cache clear). I'm using latest Chrome version, and the page is embedded inside a virtual host with HTTPS over port 8443.
I've checked the PHP version with both php --version and via phpinfo() script to discard any version conflict just in case, and they're same. Additionally, when I visit the session script page, the server creates empty files at /var/lib/php/session directory. I didn't change default PHP settings for session or anything.
To make it clear: the session_status() works fine if checked afterwards on same script execution (The session status is : 2), but naturally I'm not interested in that since I want to check if session exist in first place.
What could be wrong?
Your session_status will always be PHP_SESSION_NONE until you call session_start in the lifetime of the current request. It does not matter if on some previous request you "already started" a session: you need to "re-start" it, to resume a previously started session. This is done via cookies.
If your intent is to start a session only if the user already did something in the past that started a session (eg. they already logged in previously) and you want to resume a session but not start a new one, then you could simply check if (isset($_COOKIE['PHPSESSID'])).
This may be beneficial if you know most of your users won't need a session, and you want to avoid cookies and the overhead involved with a session, but still be able to handle the cases when a session is needed.
In my experience, session_status() only allow you to know if a session has been started, so if session_start() has been called in the current script.
PHP_SESSION_DISABLED I think that this is returned if session are disabled in PHP configuration.
PHP_SESSION_NONE is returned if the session has not been started in the current script
PHP_SESSION_ACTIVE if a session has been started in the current script.
This post might interrest you https://stackoverflow.com/questions/32356373/how-to-disable-session-in-php#:~:text=You%20can%20disable%20the%20session,ini%20.
A way to check if a session has been started in a different script would be
<?php
session_start();
if (!isset($_SESSION['init'])) {
echo 'first time session';
$_SESSION['init'] = true;
}
I am not able to get the php session working on http. I tried the same simple test page on another domain on the server which uses https and it worked as expected. Here is the simple code I am using
session_start();
echo session_id();
When I refresh the page I get a new session_id each time.
I've set session.cookie_secure to 0 and 1 but it made no difference. I have no clue why this is not working??? Any ideas?
I have a problem in my application using SESSION array. It has been working for a couple of weeks but then suddenly stopped working (without any noticable change in code or settings). I shortened the code to this:
<?php
session_start();
var_dump($_SESSION);
$_SESSION['meh'] = 'MEH';
?>
It shows an error: 'A session has alredy been started...'. This is now my whole code in index.php, which is the only file in server's directory. After the second (third...) run the $_SESSION is still empty. Working with PHP 7.0, testing on Firefox and Opera (Cookies allowed). On local server is everything fine. Any ideas how to fix it? Somewhere in config/cache or whatever? Thanks
you may have another session_start() in your code
or
try this
from the old answer
<?php
if(!isset($_SESSION))
{
session_start();
}
?>
I've got a problem with my Session in PHP, if I refresh my page it set a new session_id each time.
I use the PHP built in server and PHP 7.1 and nothing more than that :
<?php
session_start();
echo session_id();
Each refresh give me a new Session Id. Each ? Not really in fact, if I refresh super quickly I have the same session id for 1 or 2 seconds.
I don't know where to look, my php.ini seems correct, my code too I believe.
My folder to register session is 777.
Where could I look or what test could I do ?
Edit : I don't know why but changing localhost to 127.0.0.1 in the built in server solved the issue
I don't know why but changing localhost to 127.0.0.1 in the built in server solved the issue.
I was working on a webpage and it was working all fine until I tried to send it to my paid web hosting service. It is the first time I try to use SESSIONs in this new remote server.
My application stopped working and I thought there was something wrong with the API I use. After a long attempt to fix this problem, I tried to var_dump() the SESSION array. It was empty. But only with AJAX requests. If I access it directly via browser it works great, but with AJAX it fails. I turned sessions on with the session_start() function.
So I bet it's some problem with my PHP.ini or any configuration in the Apache running on my remote web server.
Do you guys know how to solve it? Can it be a problem with the script I am using to send the requests? It works fine on localhost
#edit
testing.php
session_start();
echo session_id();
$_SESSION['testing'] = 'some_stuff';
server.php
session_start();
echo session_id();
echo 'testing is '.$_SESSION['testing'];