I have followed a tutorial to work with sessions using cookies. I have now two issues:
My lifetime session is too short (one or two hours), eventhough I've set the value of session.cookie_lifetime and session.gc_maxlifetime to "1209600"
I try to save sessions into files using:
ini_set("session.save_handler", "files");
session_set_save_handler($session, true);
session_save_path($rel_path . "/sessions");
where $session is the instance of the sessions I've created but not yet started.
Now, this works correctly when I use it locally with XAMPP, but not when I upload the site online. I guess the problem comes from my web host which is www.ovh.com, but I have no idea on how to solve this problem. Any idea or suggestion?
I solved the issue by adding this line of code:
ini_set('session.force_path', 0);
with the other ini_set and session parameters. The session.force_path parameter wasn't visible in the session section when I printed the phpinfo() locally (using XAMPP), while it was on my web hosting service. This also solved my session lifetime issue as it was depending on the existence of the session file.
Related
I've got a problem with my Session in PHP, if I refresh my page it set a new session_id each time.
I use the PHP built in server and PHP 7.1 and nothing more than that :
<?php
session_start();
echo session_id();
Each refresh give me a new Session Id. Each ? Not really in fact, if I refresh super quickly I have the same session id for 1 or 2 seconds.
I don't know where to look, my php.ini seems correct, my code too I believe.
My folder to register session is 777.
Where could I look or what test could I do ?
Edit : I don't know why but changing localhost to 127.0.0.1 in the built in server solved the issue
I don't know why but changing localhost to 127.0.0.1 in the built in server solved the issue.
I have PHP 5.6 running on IIS 8.5. I used this test log:
echo '<p>'.sizeof($_SESSION).' - '.session_id().' - '.ini_get('session.cookie_domain').'</p>';
With it I see that $_SESSION has some elements, cookie_domain is properly set in php.ini as my domain, but session_id() has a different string on each page load. session_start() is being called on every page load.
Any idea on what I can do to make session persistent?
$sessionfile = ini_get('session.save_path') . '/' . 'sess_'.session_id(); shows where the session file is. I'm able to open it and data is there. Indeed it's something in the creation of each session, not in saving their files.
Is it possible that some IIS setting or some asp is reseting the session?
This problem occur most times if you don't have permissions to store the session in your IIS. I had the same problem before a long time. To correct the permissions or the session path solved my problem.
I have dedicated a server to maintain Memcached and store sessions, so that all my servers can work on the same session without difficulties.
But somehow I think I may have misunderstood the meaning of Memcached possibilities about PHP sessions.
I thought that I would be able to stand on Apache 1 a.domain.com and create a session e.g. $_SESSION['test'] = "This string is saved in the session" and then go to Apache 2 b.domain.com or c.domain.com and simply continue the session and type echo $_SESSION['test']; and it would output the string.
It doesn't, but i am sure that I was told that memcached would be a great tool if you have multiple webservers to share the same session.
What have I done wrong?
By the way. We seriously need a fully detailed tutorial or ebook to describe how to set up the server, using php, building clusters etc. based on Memcached.
In my php.ini file it says:
session.save_path = "192.168.100.228:11211"
Tutorials told me not to define a protocol, and the ip address has been given to the Apache 3 - memcached Server
Here is an image of phpinfo()
The domain in session.cookie_domain is not called domain but it is a .local.
It has been changed for this image.
EDIT:
Just for information. When I am using a simple Memcached based PHP command - everything works perfectly. But somehow when I am trying to save a session, the memcached server doesn't store the item.
This works:
<?php
$m = new Memcached();
$m->addServer('192.168.100.228', 11211);
$m->set('int', 99);
$m->set('string', 'a simple string');
$m->set('array', array(11, 12));
/* expire 'object' key in 5 minutes */
$m->set('object', new stdclass, time() + 300);
var_dump($m->get('int'));
var_dump($m->get('string'));
var_dump($m->get('array'));
var_dump($m->get('object'));
?>
This doesn't work
<?php
session_start();
$_SESSION['name'] = "This is a simple string.";
?>
EDIT 2: THE SOLUTION
I noticed that after deleting the cache history including cookies etc. the browser didn't finish the job. The problem continued due to the fact, that it hang on to the original individual session id, which made each subdomain separated from each other.
Everything defined here is correct, just make sure your browser resets its cookies when you ask it to. >.<
By default (session) cookies are domain specific, so set the cookie domain in your php.ini
session.cookie_domain = ".domain.com"
Also see here
Allow php sessions to carry over to subdomains
Make sure to restart your webserver and clear all of your browser cookies after making the change. Your browser could get confused if you have cookies with the same name but different subdomains.
Other things to check:
That the sessions work fine on each individual server.
Make sure the session handler is set properly by using phpinfo() if you are working with a large codebase especially inherited / 3rd party stuff there may be something overriding it.
If you are using 3rd party code - like phpbb for instance - check that the cookie settings are correct in there too.
(please note this answer tidied to remove brainstorming, kept all relevant info)
I know this problem has been presented here in SO and I've tried the solutions but it's still not fixed.
PHP is deleting the session after some time of inactivity (i assume 24 minutes as it's the default and seems to fit the testing).
I have the following code set in all the pages:
ini_set('display_errors', 0);
$sessionCookieExpireTime = 2880000;
session_set_cookie_params($sessionCookieExpireTime);
ini_set('session.gc_maxlifetime', $sessionCookieExpireTime);
session_start();
echo ini_get('session.gc_maxlifetime'); //echos 2880000 as expected
But the session still gets reset after 24 minutes (or so) of inactivity.
phpinfo() return the following output for session:
Any idea why this isn't working? (PHP 5.3.10)
Thanks
Although Marc B answer shares some great insight it wasn't working for me. I was pretty sure everything was fine with my script and I had nothing messing with the session in my code.
After an epic struggle I discovered that my problem was actually due to shared hosting environment. From the PHP doc:
“If different scripts … share the same place for storing the session
data then the script with the minimum value will [determine the
session timeout]“.
After this the problem was quite obvious. Some script (hosted on the same server) was using the default php.ini session.gc_maxlifetime and that was resetting my sessions.
The solution was to create a folder under the root of my hosting (make sure it's not web accessible), set the right permissions to it and then use session.save_path to tell php where to store my sessions. Something like:
ini_set("session.gc_maxlifetime","21600"); // 6 hours
ini_set("session.save_path", "/your_home/your_sessions/");
session_start();
This website provided great insight: php sessions on shared hosting
So if you come accross this issue make sure you follow Marc B recommendations and if that doesn't work try this out.
Best wishes!!
Are you doing this code in EVERY script that uses sessions? ini_set changes apply ONLY to the script they're executed in, and ONLY for the execution lifetime of that particular script.
If you want to make it a permanent global change, you'll have to modify php.ini, or put some php_values directives into http.conf/.htaccess.
in my local WAMP server, when I call session_start() the session-id is being set in the cookie as follows and var_dump($_COOKIE) gives the following.
array
'PHPSESSID' => string 'qg8nrlpdtgb391386lhghgv727' (length=26)
so when I call session_start() again, my previous session is resumed.
but when I deployed the same code to my web-server, the PHPSESSID is not being set in the cookie. So as a result, every time I call session_start(), a new session is getting created instead of resume the previous session.
Can anyone please tell me a possible cause of the problem. Do we have to explicitly set the PHPSESSID to the cookie?
Also, In my local(WAMP) I dont have https, but the web-server where I pushed the code is https. Is this a problem?
I am stuck with this for almost 3 days now.
Thanks in advance.
Kanna
Looks like session handling is configured differently on this webserver. You should compare the values set in the php.ini file under the session-section.
Especially:
Is session.use_cookies set to 1?
Does session.save_path point to a valid directory, where the webserver user has write permission
See here for a full list of session-settings:
http://de3.php.net/manual/de/session.configuration.php
I had called session_start() immediately after html < head > tag. This was the problem. When I moved the session_start() method before the html head tag, the problem was solved.
Thanks everyone for your help.
Kanna