I've this little problem: PHP is not saving the cookie to my (cookie allowing) browser, other sites are fine but this one fails to save the session id in the cookie, ergo an inability to access necessary data.
The index page does a
require("includes/functions.php");
which successfully requires my functions file:
session_name('login');
// Starting the session
$expiretime = 60*60*24;
session_set_cookie_params($expiretime);
// Making the cookie live for 1 day
session_start();
However, the login cookie is not saving (checked via Firebug) and I've no reason why. Thanks for the help
Try displaying the session cookie parameters to make sure they are ok by running after session_start:
var_dump(session_get_cookie_params());
If path (or domain) doesn't match the prefix of your web app path, then you might have to set it explicitly:
session_set_cookie_params($expiretime, '/');
or
session_set_cookie_params($expiretime, '/myapp/');
Related
If I navigate to 'sub.domain.com/session_test.php' in browser, the session are saved and work fine. I can see all the sessions on page refresh.
However, if I make an http post request from javascript in localhost to the same URL, the sessions are not being saved because I dont get any data(data in the "if" statement) back.
Any ideas why this is happening?
session_start();
if(isset($_SESSION['u'])){
var_dump(ini_get('session.save_path'));
var_dump(ini_get('session.gc_maxlifetime'));
var_dump(ini_get('session.cookie_lifetime'));
echo '<pre>' . print_r($_SESSION, TRUE) . '</pre>';
die();
}
$_SESSION['u'] = "34343gf";
die('end');
The PHP Session variable is server side. Cookies only store the session id in order to retrieve the correct session information.
Anyway, assuming:
sub.domain.com/session_test.php is an alias to localhost/session_test.php (they point to the same file)?
You can't read cookies from one domain in another domain, even if they resolve to the same server. However, there are ways to corcumvent this. One way is to pass the cookie session id as a GET param, although this is not very safe.
Another way is to store the session ID locally (in a text file, or the database) and retrieve it later.
I try your code with a pair of files named index.php and index2.php.
The session is working. (Windows7, Wamp2.5, Apache2.22, php5.4)
I think you have no rights into your /tmp folder where the session is.
Try to put a file inside it with php function file_put_contents( ini_get('session.save_path')."/test-file.txt", 'Test file is OK');.
Your code is OK.
I am setting a cookie containing a vlue in this format and redirecting to another page via the PHP header function. Here's the code,
setcookie("myCookie", $cookieValue, time() + $cookieLife, "/"); // cookieLife is expiration time in sec
header("Location: $baseURL/index.php"); // $baseURL is "http://localhost/mysite"
The cookie is getting set within the browser. However, I am unable to access the cookie value in the redirected page, i.e., "index.php". I am trying to access the cookie value with a simple echo like this,
echo $_COOKIE['myCookie'];
However instead of the cookie value, I get the following notice,
Notice: Undefined index: myCookie in /path/to/my/site/index.php on line 1
I have set the cookie path to "/" after looking at other solutions but am still unable to solve this.
Any help much appreciated.
EDIT :
I am testing this on XAMPP server, and the "mysite" here is actually an alias for another location on my hard drive. Could this be causing this issue?
I assume your cookie gets removed or dissapears once you've left the previous page.
Check if time() + $cookieLife is the desired time you want the cookie to live. The PHP setcookie function tells me that your $cookieLife is the time in seconds that you want your cookie to live, so make sure that it's the value you want it to be.
Use an extension to check your current cookies (and alter them if you need to). This way you can check and make sure if the cookie is living as long as you want it to (you already mentioned seeing the cookie being set, but I will include this just in case + for future visitors).
FireFox Extension: Web Developer
Chrome Extension: Cookies
I have a one page website that uses AJAX to load new php files and update the display.
I start my php session on the main page but when I use ajax to update inner html I need those session variables for the new php file being loaded.
This post is similar to this one: PHP Session Variables Not Preserved . But I checked and my php.ini has session.use_cookies = 1
Main Page PHP:
<?php
session_start();
if(isset($_SESSION['views']))
{$_SESSION['views']=$_SESSION['views']+1;}
else
{$_SESSION['views']=1;}
?>
After User Input I use ajax to call a php file and load a subsection of the page:
<?php
if(isset($_SESSION['views']))
{ echo "Views: " . $_SESSION['views'];}
else
{ echo "Views: NOT SET";}
?>
Can someone please tell me what important step I am missing? Thank you.
Update: After adding session_id() call to both the main and sub pages I see that both pages have the same Session_ID. However it still cannot pull the session variable and if i do assign it a value the two same name session variables stay independent of one another.
Answer to the question that this question created: I found that I had to set a static session_save path in my php.ini file. With most paid webhosting services they just have a default container for sessions but it is affected by load balancing. What a releif.
I think you're missing session_start() on the page that Ajax calls.
You need:
<?php
session_start();
if(isset($_SESSION['views']))
{ echo "Views: " . $_SESSION['views'];}
else
{ echo "Views: NOT SET";}
?>
You need to start session session_start() in the other PHP file also, the one you are calling through AJAX.
I ran into what i thought was the same issue when running PHP 7 on IIS Server 2012 today.
I had added:
if(!isset($_SESSION))
{
session_start();
}
to the start of each AJAX file but kept recieving the following PHP Notice:
PHP Notice: A session had already been started - ignoring session_start()
A bit of searching lead me to this thread which pointed me in the right direction to resolving the issues I encountered. Hopefully the following information will assist others encountering the same issue.
After checking the session.save_path value was set, in my case C:\Windows\Temp, I thought it best to check the folder permissions match those of the user account I was running IIS under.
In my case it turned out that the directory I had nominated for session storage (in php.ini) did not have the same user (security permissions) assigned to it as the one which was running the IIS site.
Interestingly sessions worked fine when not using AJAX requests prior to me adding the new user permissions. However AJAX did not pick up the session until I had corrected the permissions issue. Adding the same user account that IIS is running under immediately resolved this issue.
In the case of using a paid web hosting service the default session save path is automatically set like this:
http://php.net/session.save-path
session.save_path = "/tmp/"
You need to place the static path to your root folder there.
You're trying to use existing session data from your application in an ajax call. To do that, change how you're calling session_start like so:
// With ajax calls
if (session_status()==1) {
session_start();
}
When making ajax calls to php scripts that need existing session data, use session_start after session_status.
http://php.net/session_status
Need to initialize the session before you trying to login through ajax call.
session_start();
Initialize on the top of the page from where you start the login ajax call.
So that the SESSIONID will be created and stored the browser cookie. And sent along with request header during the ajax call, if you do the ajax request to the same domain
For the successive ajax calls browser will use the SESSIONID that created and stored initially in browser cookie, unless we clear the browser cookie or do logout (or set another cookie)
I have an issue with login session. Basically the flow is like this:
user creates account and defines a username;
user logins using url 'http://[username].website.com'
(coded in php & mysql, using session cookie)
My problem is: when trying to directly login from the index page 'www.website.com' I don't manage to get my user logged to his URL http://username.website.com
/// EDIT ///
Let say i have opened url "www.example.com" and created a session variable in this url. Now i want to access that session variable in url "test.example.com". How to do that? any solution welcomed
/// EDIT2 ///
In the top of every php file i have used the below code but my session variable was destroyed and i can't access the session variable in another page. I have also set session.cookie_domain = ".website.com" on "php.ini" file.
ini_set('session.cookie_domain', '.website.com');
session_name("sessionid");
session_start();
As minaz mentioned in the comments, make sure that the cookie you're setting on www.website.com is valid for domain-matching on ".website.com".
If you're still not sure whats happening, try playing around with wget (http://www.gnu.org/software/wget/) using --save-cookies, --load-cookies and --debug.
i'm having a very weird session problem under php:
(works perfectly locally but not on my internet-server)
the problem:
i'm loading a page - i'm defining a php session via jQuery $.post in an external php script
i'm refreshing the page - session is still there
i'm loading a different page - the session is gone (empty)
there's no unset or anything which might reset/clear the session.
i'm using a global php include for the header which triggers session_start();
any ideas?
thanks
Try setting your cookie parameters to allow the domain to work across subdomains:
$params = session_get_cookie_params();
session_set_cookie_params($params['lifetime'], $params['path'], '.example.org');
Where example.org is your domain name.
Then before printing anything to screen start your session:
session_start();
On every page/resource you wish to be able access session data.