Undefined index from $_SESSION array

Posted on 2005-05-04
Last Modified: 2012-08-13
Dear All

I am sure this is reasonably trivial but it is not immediatley obvious to me.

I have a login page and here i set $_SESSION['logged_in'] either to 1 or 0 depending on success

I also set a number of user roles in this page om succesfull login

On success, and i mention this so that you know that a succesful login has taken place,  a message is displayed

'welcome<user>. You are now logged in with the following roles...

<list of roles>'

The code generating this is as follows:
            if ($loggedin == true){
            $_SESSION['logged_in'] = 1;
            list($_SESSION['member'],$_SESSION['editor'],$_SESSION['creator'],$_SESSION['admin']) = split(":",$userroles);
            echo "Hello <span class=\"username\">$name</span>. You are logged in with the following roles:<p>";
            echo "<span class=\"roles\">";

            if ($_SESSION['member'] == 1){
                echo "member<br>";
            if ($_SESSION['editor'] == 1){
                echo "editor<br>";
            if ($_SESSION['creator'] == 1){
                echo "creator<br>";
            if ($_SESSION['admin'] == 1){
                echo "admin<br>";
            echo "</span>";
            $_SESSION['logged_in'] = 0;
<.....code continues...>

So now if i go to another page, and echo the values in the $_SESSION variables i would expect them to be available as session_start() is stated on each page.

Instead i get this

'Notice: Undefined index: logged_in in c:\documents and settings\jonny\my documents\cmstest\htdocs\index.php on line 36'

The code generating this is as follows:

echo $_SESSION['logged_in'];

What should i be looking for here?
I should mention that other parts of my code have session variables and are available

Thanks for any help here

Question by:shimshun
    LVL 6

    Expert Comment

    If I may state the obvious to get things going:

    I looks like the logged_in variable is not persisting to the next page. In other words, its not permanently registering with the session. Perhaps this is a setting in php.ini. I'm doing some reading here and will let you know if I find better help.
    LVL 6

    Expert Comment

    You may need to add this line wherever you initialize your session:


    Author Comment

    But i have seen this stated:

    If you are using $_SESSION (or $HTTP_SESSION_VARS), do not use session_register(), session_is_registered() and session_unregister().

    Also why do my other session variables work fine? For example on every page, in order to enable a printer friendly application, i do this

    $_SESSION['referer'] = $_SERVER['PHP_SELF'];

    and i never have an trouble with it.
    LVL 6

    Expert Comment

    I'm not entirely sure thats true, but it wouldn't hurt to try something like the following and see what happens:

      session_start ();
      if (!session_is_registered ("logged_in"))
       $logged_in = 0;
       session_register ("logged_in");

    If it works atleast you know what the problem is, then you know the reason they say not to use session_register with $_SESSION is a security issue. In which case you may have to consider restructuring your session coding.
    LVL 4

    Expert Comment

    first, is register_globals on or off on your build?
    Second, if you take out the echo $_SESSION['logged_in'] in the second script, do you get all the other session variables?
    LVL 27

    Expert Comment

    >>  I'm not entirely sure thats true

    I am.

    session_register and other related functions are now deprecated.


    Problems like this are often difficult to solve when there is no immediately obvious cause so we have to turn to a bit of debugging.

    It's possible that it is an overlooked problem in your code, such as an erroneous conditional that unsets the session variable. eg:

    if (isset($logout)) unset($_SESSION['logged_in'];

    If $logout is set at any point when it shouldn't be the session variable will be unset. This is just as an example, there could be any number of possible causes like this so, as i mentioned, we need to do some debugging to track the error down. We are going to do this using print_r($_SESSION); which will give you human friendly output of the session array keys and values, it will help to determine at which point the logged_in key is being removed from the array... presuming it was present in the first place.

    There are 3 places you will want to be testing to begin with:

    1. immediately after you conditional block which ends with

              $_SESSION['logged_in'] = 0;

    This will tell you if the variable is getting added to the session array.

    2. At the end of the page where the $_SESSION['logged_in'] variable is defined (ie. same page as above). This will tell you if it has been unset at some point between when it was first assigned and the end of the script.

    3. The start of the second page (that you are currently getting the error on) immediately after session_start();

    Check the session array with print_r($_SESSION); each time and you should be able to determine roughly where the logged_in key is disappearing from the array. You can then narrow down which section of code is erroneous.

    Note that, based on your comments regarding other session variables working, i am expecting a coding error rather then a problem with anything else.


    Author Comment

    OK before i try anything i have discovered this:

    that the session_id alters between page calls: this is not what i would expect

    that a look in the session file after a successful completion of the login page gives this line at the end


    c/ this is absent from the session file (a differnt file for a differnt number of course)that is generated when navigating to another page

    d/ register_globals is off

    e/ to answer Kooroo's point this code

    foreach($_SESSION as $sess =>$var){
          echo "$sess = $var <br>";

    generates this text

    hasSession = 1
    smi = Object
    sfc = Object
    ssc = Object
    referer = /index.php
    get = Array

    and that when i navigate between paes the same code generates the same text (as i would expect)

    (Its getting late in the UK and i have a job interview tomorrow so i am signing off now. I'll get to additional comments tomorrow. Many thanks for your help so far.)

    Author Comment

    Oh before i go to bed: diablo just seen your post and will try what you say tomorrow. Thanks

    LVL 27

    Expert Comment

    >> that the session_id alters between page calls: this is not what i would expect

    This would suggest that either your sever is configured to not pass the session id in a cookie or your browser is blocking from your cookie from being set OR your server is configured to only pass the session id in the url but the tag rewriting is off OR your server is configured to only pass the session id via a cookie but again, the cookie can't be set for one reason or another etc.

    At this point it would be useful to see your configuration settings for sessions, if you could create a file with:


    and copy the outputted information under the session section.


    session.save_handler - files - files
    session.save_path - no value - no value
    session.serialize_handler - php - php
    session.use_cookies - On - On
    session.use_only_cookies - Off - Off
    session.use_trans_sid - 0 - 0

    This line that you see:


    is the data for the current session (in serialized form). It's absence from the second file supports that a new session has been created rather then initializing the data from the original file. It is not clear at this point why navigating to some pages seems to sustain the session where as the page in question does not.

    It *could* still be a code issue if for example the session array was erroneously reset with:

    $_SESSION = array();

    but even so, the session id would remain the same after starting a new session next time session_start() is called (in the same browsing session). The only way the session id should change at the code level is if session_regenerate_id() was called but this seems very unlikely in this case.

    >> Its getting late in the UK
    Not enough time in the day is there :)
    /also in the UK


    Author Comment


    a/ i dont use session_destroy() anywhwre (rightly or wrongly)

    but it did make me think is my session constantly being recreated; i dont think so but this is somehting to revisit perhaps

    b/ the session is not being recreated on an internet based setup using browser IE 6.0.28


    look for the session id down the bottom of the text.

    The signficance of this site is it uses substantially the same code as i am using locally

    c/I also can see on another bit of local (not internet based) code, for a different site, session_id changes from page to page using IE 6.0.28. In fact all i need to do is hit f5 for the session id to be renewed

    But this does not happen using Mozilla Firefox! In fact with Firefox all the session variables are set correctly, so that the code

    foreach($_SESSION as $sess =>$var){
         echo "$sess = $var <br>";

    generates this output

    hasSession = 1
    smi = Object
    sfc = Object
    ssc = Object
    referer = /index.php
    get = Array
    loggedin = 1
    admin = 0
    creator = 0
    editor = 1
    member = 0

    which is correct

    d/ To recap:

    Pages served locally in my test and intranet setup under IE6 do not retain session_id; pages served to Mozilla do.

    Pages served from an Internet based server, running the same code, to IE6 do retain the session id.

    Test set up is this:
    php 4.3.4
    apache 1.3.29
    windows 2000 desktop
    ie 6.0.28

    I am copying the full phpinfo() out put way below for you to copy.

    Now then i have read something about ie 6 needing a fix of some sort. But cannot recall where. Any ideas?

    But why do some session variables get retained but only these new ones do not?

    f/ Results from your debugging suggestion, diablo are that the session variables are retained on the page but the session id changes after each refresh so any navigation to another page means they are not available.

    (But there is a logic mistake on this page which this exercise has highlighted so thankyou; i dont think it efftects this story but i will fix and get back to you)

    g/ Here is the phpinfo information; many thanks.

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
    <style type="text/css"><!--
    body {background-color: #ffffff; color: #000000;}
    body, td, th, h1, h2 {font-family: sans-serif;}
    pre {margin: 0px; font-family: monospace;}
    a:link {color: #000099; text-decoration: none; background-color: #ffffff;}
    a:hover {text-decoration: underline;}
    table {border-collapse: collapse;}
    .center {text-align: center;}
    .center table { margin-left: auto; margin-right: auto; text-align: left;}
    .center th { text-align: center !important; }
    td, th { border: 1px solid #000000; font-size: 75%; vertical-align: baseline;}
    h1 {font-size: 150%;}
    h2 {font-size: 125%;}
    .p {text-align: left;}
    .e {background-color: #ccccff; font-weight: bold; color: #000000;}
    .h {background-color: #9999cc; font-weight: bold; color: #000000;}
    .v {background-color: #cccccc; color: #000000;}
    i {color: #666666; background-color: #cccccc;}
    img {float: right; border: 0px;}
    hr {width: 600px; background-color: #cccccc; border: 0px; height: 1px; color: #000000;}

                      <script language='javascript' src=''></script>

    <body><div class="center">
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><td>
    <a href=""><img border="0" src="/phpinfo.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42" alt="PHP Logo" /></a><h1 class="p">PHP Version 4.3.4</h1>
    </table><br />
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">System </td><td class="v">Windows NT JONNY 5.0 build 2195 </td></tr>
    <tr><td class="e">Build Date </td><td class="v">Nov  2 2003 23:43:42 </td></tr>
    <tr><td class="e">Server API </td><td class="v">Apache </td></tr>
    <tr><td class="e">Virtual Directory Support </td><td class="v">enabled </td></tr>
    <tr><td class="e">Configuration File (php.ini) Path </td><td class="v">C:\WINNT\php.ini </td></tr>
    <tr><td class="e">PHP API </td><td class="v">20020918 </td></tr>
    <tr><td class="e">PHP Extension </td><td class="v">20020429 </td></tr>
    <tr><td class="e">Zend Extension </td><td class="v">20021010 </td></tr>
    <tr><td class="e">Debug Build </td><td class="v">no </td></tr>
    <tr><td class="e">Thread Safety </td><td class="v">enabled </td></tr>
    <tr><td class="e">Registered PHP Streams </td><td class="v">php, http, ftp, compress.zlib   </td></tr>
    </table><br />
    <table border="0" cellpadding="3" width="600">
    <tr class="v"><td>
    <a href=""><img border="0" src="/phpinfo.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42" alt="Zend logo" /></a>
    This program makes use of the Zend Scripting Language Engine:<br />Zend Engine v1.3.0, Copyright (c) 1998-2003 Zend Technologies
        with DBG v2.11.23, (C) 2000,2001,2002,2003, by Dmitri Dmitrienko
    </table><br />
    <hr />
    <h1><a href="/phpinfo.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000">PHP Credits</a></h1>
    <hr />
    <h2>PHP Core</h2>
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>Directive</th><th>Local Value</th><th>Master Value</th></tr>
    <tr><td class="e">allow_call_time_pass_reference</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">allow_url_fopen</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">always_populate_raw_post_data</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">arg_separator.input</td><td class="v">&amp;</td><td class="v">&amp;</td></tr>
    <tr><td class="e">arg_separator.output</td><td class="v">&amp;</td><td class="v">&amp;</td></tr>
    <tr><td class="e">asp_tags</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">auto_append_file</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">auto_prepend_file</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">browscap</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">default_charset</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">default_mimetype</td><td class="v">text/html</td><td class="v">text/html</td></tr>
    <tr><td class="e">define_syslog_variables</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">disable_classes</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">disable_functions</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">display_errors</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">display_startup_errors</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">doc_root</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">docref_ext</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">docref_root</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">enable_dl</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">error_append_string</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">error_log</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">error_prepend_string</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">error_reporting</td><td class="v">2047</td><td class="v">2047</td></tr>
    <tr><td class="e">expose_php</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">extension_dir</td><td class="v">C:\Program Files\Maguma\php\extensions</td><td class="v">C:\Program Files\Maguma\php\extensions</td></tr>
    <tr><td class="e">file_uploads</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">gpc_order</td><td class="v">GPC</td><td class="v">GPC</td></tr>
    <tr><td class="e"></td><td class="v"><font style="color: #FFFFFF">#FFFFFF</font></td><td class="v"><font style="color: #FFFFFF">#FFFFFF</font></td></tr>
    <tr><td class="e">highlight.comment</td><td class="v"><font style="color: #FF8000">#FF8000</font></td><td class="v"><font style="color: #FF8000">#FF8000</font></td></tr>
    <tr><td class="e">highlight.default</td><td class="v"><font style="color: #0000BB">#0000BB</font></td><td class="v"><font style="color: #0000BB">#0000BB</font></td></tr>
    <tr><td class="e">highlight.html</td><td class="v"><font style="color: #000000">#000000</font></td><td class="v"><font style="color: #000000">#000000</font></td></tr>
    <tr><td class="e">highlight.keyword</td><td class="v"><font style="color: #007700">#007700</font></td><td class="v"><font style="color: #007700">#007700</font></td></tr>
    <tr><td class="e">highlight.string</td><td class="v"><font style="color: #DD0000">#DD0000</font></td><td class="v"><font style="color: #DD0000">#DD0000</font></td></tr>
    <tr><td class="e">html_errors</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">ignore_repeated_errors</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">ignore_repeated_source</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">ignore_user_abort</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">implicit_flush</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">include_path</td><td class="v">.;C:\Program Files\Maguma\php\includes;C:\Program Files\Maguma\php\pear;C:\Documents and Settings\jonny\My Documents\sm144\htdocs</td><td class="v">.;C:\Program Files\Maguma\php\includes;C:\Program Files\Maguma\php\pear;C:\Documents and Settings\jonny\My Documents\sm144\htdocs</td></tr>
    <tr><td class="e">log_errors</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">log_errors_max_len</td><td class="v">1024</td><td class="v">1024</td></tr>
    <tr><td class="e">magic_quotes_gpc</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">magic_quotes_runtime</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">magic_quotes_sybase</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">max_execution_time</td><td class="v">30</td><td class="v">30</td></tr>
    <tr><td class="e">max_input_time</td><td class="v">60</td><td class="v">60</td></tr>
    <tr><td class="e">open_basedir</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">output_buffering</td><td class="v">4096</td><td class="v">4096</td></tr>
    <tr><td class="e">output_handler</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">post_max_size</td><td class="v">8M</td><td class="v">8M</td></tr>
    <tr><td class="e">precision</td><td class="v">14</td><td class="v">14</td></tr>
    <tr><td class="e">register_argc_argv</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">register_globals</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">report_memleaks</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">safe_mode</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">safe_mode_exec_dir</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">safe_mode_gid</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">safe_mode_include_dir</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">sendmail_from</td><td class="v"></td><td class="v"></td></tr>
    <tr><td class="e">sendmail_path</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">serialize_precision</td><td class="v">100</td><td class="v">100</td></tr>
    <tr><td class="e">short_open_tag</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">SMTP</td><td class="v">localhost</td><td class="v">localhost</td></tr>
    <tr><td class="e">smtp_port</td><td class="v">25</td><td class="v">25</td></tr>
    <tr><td class="e">sql.safe_mode</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">track_errors</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">unserialize_callback_func</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">upload_max_filesize</td><td class="v">2M</td><td class="v">2M</td></tr>
    <tr><td class="e">upload_tmp_dir</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">user_dir</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">variables_order</td><td class="v">GPCS</td><td class="v">GPCS</td></tr>
    <tr><td class="e">xmlrpc_error_number</td><td class="v">0</td><td class="v">0</td></tr>
    <tr><td class="e">xmlrpc_errors</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">y2k_compliance</td><td class="v">On</td><td class="v">On</td></tr>
    </table><br />
    <h2><a name="module_apache">apache</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">Apache for Windows 95/NT </td></tr>
    </table><br />
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">Apache Version </td><td class="v">Apache/1.3.29 (Win32) PHP/4.3.4 </td></tr>
    <tr><td class="e">Apache Release </td><td class="v">10324100 </td></tr>
    <tr><td class="e">Apache API Version </td><td class="v">19990320 </td></tr>
    <tr><td class="e">Hostname:Port </td><td class="v">www.nacvs.test:80 </td></tr>
    <tr><td class="e">Timeouts </td><td class="v">Connection: 300 - Keep-Alive: 15 </td></tr>
    </table><br />
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>Directive</th><th>Local Value</th><th>Master Value</th></tr>
    <tr><td class="e">child_terminate</td><td class="v">0</td><td class="v">0</td></tr>
    <tr><td class="e">engine</td><td class="v">1</td><td class="v">1</td></tr>
    <tr><td class="e">last_modified</td><td class="v">0</td><td class="v">0</td></tr>
    <tr><td class="e">xbithack</td><td class="v">0</td><td class="v">0</td></tr>
    </table><br />
    <h2>Apache Environment</h2>
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>Variable</th><th>Value</th></tr>
    <tr><td class="e">COMSPEC </td><td class="v">C:\WINNT\system32\cmd.exe </td></tr>
    <tr><td class="e">DOCUMENT_ROOT </td><td class="v">c:/documents and settings/jonny/my documents/cmstest/htdocs </td></tr>
    <tr><td class="e">HTTP_ACCEPT </td><td class="v">image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/, application/, application/msword, */* </td></tr>
    <tr><td class="e">HTTP_ACCEPT_LANGUAGE </td><td class="v">en-gb </td></tr>
    <tr><td class="e">HTTP_CONNECTION </td><td class="v">Keep-Alive </td></tr>
    <tr><td class="e">HTTP_HOST </td><td class="v">www.cmstest.test </td></tr>
    <tr><td class="e">HTTP_USER_AGENT </td><td class="v">Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) </td></tr>
    <tr><td class="e">HTTP_XXXXXXXXXXXXXXX </td><td class="v">XXXXXXXXXXXXX </td></tr>
    <tr><td class="e">PATH </td><td class="v">c:\perl\bin;C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\Common Files\GTK\2.0\bin;C:\gs\gs7.04\bin;"C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier";c:\OURDB\Im5i32;c:\OURDB\Sys32;c:\SQLANY50\win32 </td></tr>
    <tr><td class="e">REMOTE_ADDR </td><td class="v"> </td></tr>
    <tr><td class="e">REMOTE_PORT </td><td class="v">1174 </td></tr>
    <tr><td class="e">SCRIPT_FILENAME </td><td class="v">c:/documents and settings/jonny/my documents/cmstest/htdocs/phpinfo.php </td></tr>
    <tr><td class="e">SERVER_ADDR </td><td class="v"> </td></tr>
    <tr><td class="e">SERVER_ADMIN </td><td class="v"> </td></tr>
    <tr><td class="e">SERVER_NAME </td><td class="v">www.nacvs.test </td></tr>
    <tr><td class="e">SERVER_PORT </td><td class="v">80 </td></tr>
    <tr><td class="e">SERVER_SIGNATURE </td><td class="v">&lt;ADDRESS&gt;Apache/1.3.29 Server at www.nacvs.test Port 80&lt;/ADDRESS&gt;
    <tr><td class="e">SERVER_SOFTWARE </td><td class="v">Apache/1.3.29 (Win32) PHP/4.3.4 </td></tr>
    <tr><td class="e">SystemRoot </td><td class="v">C:\WINNT </td></tr>
    <tr><td class="e">WINDIR </td><td class="v">C:\WINNT </td></tr>
    <tr><td class="e">GATEWAY_INTERFACE </td><td class="v">CGI/1.1 </td></tr>
    <tr><td class="e">SERVER_PROTOCOL </td><td class="v">HTTP/1.1 </td></tr>
    <tr><td class="e">REQUEST_METHOD </td><td class="v">GET </td></tr>
    <tr><td class="e">QUERY_STRING </td><td class="v"><i>no value</i> </td></tr>
    <tr><td class="e">REQUEST_URI </td><td class="v">/phpinfo.php </td></tr>
    <tr><td class="e">SCRIPT_NAME </td><td class="v">/phpinfo.php </td></tr>
    </table><br />
    <h2>HTTP Headers Information</h2>
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th colspan="2">HTTP Request Headers</th></tr>
    <tr><td class="e">HTTP Request </td><td class="v">GET /phpinfo.php HTTP/1.1 </td></tr>
    <tr><td class="e">Accept </td><td class="v">image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/, application/, application/msword, */* </td></tr>
    <tr><td class="e">Accept-Language </td><td class="v">en-gb </td></tr>
    <tr><td class="e">Connection </td><td class="v">Keep-Alive </td></tr>
    <tr><td class="e">Host </td><td class="v">www.cmstest.test </td></tr>
    <tr><td class="e">User-Agent </td><td class="v">Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) </td></tr>
    <tr><td class="e">XXXXXXXXXXXXXXX </td><td class="v">XXXXXXXXXXXXX </td></tr>
    <tr class="h"><th colspan="2">HTTP Response Headers</th></tr>
    <tr><td class="e">X-Powered-By </td><td class="v">PHP/4.3.4 </td></tr>
    <tr><td class="e">Keep-Alive </td><td class="v">timeout=15, max=100 </td></tr>
    <tr><td class="e">Connection </td><td class="v">Keep-Alive </td></tr>
    <tr><td class="e">Transfer-Encoding </td><td class="v">chunked </td></tr>
    <tr><td class="e">Content-Type </td><td class="v">text/html </td></tr>
    </table><br />
    <h2><a name="module_bcmath">bcmath</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">BCMath support </td><td class="v">enabled </td></tr>
    </table><br />
    <h2><a name="module_calendar">calendar</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">Calendar support </td><td class="v">enabled </td></tr>
    </table><br />
    <h2><a name="module_com">com</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>Directive</th><th>Local Value</th><th>Master Value</th></tr>
    <tr><td class="e">com.allow_dcom</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">com.autoregister_casesensitive</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">com.autoregister_typelib</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">com.autoregister_verbose</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">com.typelib_file</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    </table><br />
    <h2><a name="module_ctype">ctype</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">ctype functions </td><td class="v">enabled </td></tr>
    </table><br />
    <h2><a name="module_dbg">dbg</a></h2>

    <TABLE BORDER=1 CELLPADDING=3 CELLSPACING=0 WIDTH=600 BGCOLOR=#33CCFF ALIGN="CENTER"><TR VALIGN='MIDDLE' ALIGN='CENTER'><TD><B><A HREF='' STYLE='color: #660880;'>DBG php debugger, version 2.11.23, Copyright 2001, 2002, Dmitri Dmitrienko,</A></B></TD></TR></TABLE><BR>
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">Version </td><td class="v">2.11.23 </td></tr>
    <tr><td class="e">Linked </td><td class="v">as a shared library. </td></tr>
    <tr><td class="e">Profiler </td><td class="v">compiled, enabled </td></tr>
    </table><br />
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>Directive</th><th>Local Value</th><th>Master Value</th></tr>
    <tr><td class="e">debugger.enable_session_cookie</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">debugger.enabled</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">debugger.fail_silently</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">debugger.ignore_nops</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">debugger.JIT_enabled</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">debugger.JIT_host</td><td class="v">clienthost</td><td class="v">clienthost</td></tr>
    <tr><td class="e">debugger.JIT_level</td><td class="v">3</td><td class="v">3</td></tr>
    <tr><td class="e">debugger.JIT_port</td><td class="v">7869</td><td class="v">7869</td></tr>
    <tr><td class="e">debugger.profiler_enabled</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">debugger.session_nocache</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">debugger.timeout_seconds</td><td class="v">300</td><td class="v">300</td></tr>
    </table><br />
    <h2><a name="module_ftp">ftp</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">FTP support </td><td class="v">enabled </td></tr>
    </table><br />
    <h2><a name="module_mysql">mysql</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>MySQL Support</th><th>enabled</th></tr>
    <tr><td class="e">Active Persistent Links </td><td class="v">0 </td></tr>
    <tr><td class="e">Active Links </td><td class="v">0 </td></tr>
    <tr><td class="e">Client API version </td><td class="v">3.23.49 </td></tr>
    </table><br />
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>Directive</th><th>Local Value</th><th>Master Value</th></tr>
    <tr><td class="e">mysql.allow_persistent</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">mysql.connect_timeout</td><td class="v">-1</td><td class="v">-1</td></tr>
    <tr><td class="e">mysql.default_host</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">mysql.default_password</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">mysql.default_port</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">mysql.default_socket</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">mysql.default_user</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">mysql.max_links</td><td class="v">Unlimited</td><td class="v">Unlimited</td></tr>
    <tr><td class="e">mysql.max_persistent</td><td class="v">Unlimited</td><td class="v">Unlimited</td></tr>
    <tr><td class="e">mysql.trace_mode</td><td class="v">Off</td><td class="v">Off</td></tr>
    </table><br />
    <h2><a name="module_odbc">odbc</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>ODBC Support</th><th>enabled</th></tr>
    <tr><td class="e">Active Persistent Links </td><td class="v">0 </td></tr>
    <tr><td class="e">Active Links </td><td class="v">0 </td></tr>
    <tr><td class="e">ODBC library </td><td class="v">Win32 </td></tr>
    </table><br />
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>Directive</th><th>Local Value</th><th>Master Value</th></tr>
    <tr><td class="e">odbc.allow_persistent</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">odbc.check_persistent</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">odbc.default_db</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">odbc.default_pw</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">odbc.default_user</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">odbc.defaultbinmode</td><td class="v">return as is</td><td class="v">return as is</td></tr>
    <tr><td class="e">odbc.defaultlrl</td><td class="v">return up to 4096 bytes</td><td class="v">return up to 4096 bytes</td></tr>
    <tr><td class="e">odbc.max_links</td><td class="v">Unlimited</td><td class="v">Unlimited</td></tr>
    <tr><td class="e">odbc.max_persistent</td><td class="v">Unlimited</td><td class="v">Unlimited</td></tr>
    </table><br />
    <h2><a name="module_overload">overload</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">User-Space Object Overloading Support </td><td class="v">enabled </td></tr>
    </table><br />
    <h2><a name="module_pcre">pcre</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">PCRE (Perl Compatible Regular Expressions) Support </td><td class="v">enabled </td></tr>
    <tr><td class="e">PCRE Library Version </td><td class="v">4.3 21-May-2003 </td></tr>
    </table><br />
    <h2><a name="module_session">session</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">Session Support </td><td class="v">enabled </td></tr>
    <tr><td class="e">Registered save handlers </td><td class="v">files user  </td></tr>
    </table><br />
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>Directive</th><th>Local Value</th><th>Master Value</th></tr>
    <tr><td class="e">session.auto_start</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">session.bug_compat_42</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">session.bug_compat_warn</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">session.cache_expire</td><td class="v">180</td><td class="v">180</td></tr>
    <tr><td class="e">session.cache_limiter</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">session.cookie_domain</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">session.cookie_lifetime</td><td class="v">0</td><td class="v">0</td></tr>
    <tr><td class="e">session.cookie_path</td><td class="v">/</td><td class="v">/</td></tr>
    <tr><td class="e">session.cookie_secure</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">session.entropy_file</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">session.entropy_length</td><td class="v">0</td><td class="v">0</td></tr>
    <tr><td class="e">session.gc_divisor</td><td class="v">100</td><td class="v">100</td></tr>
    <tr><td class="e">session.gc_maxlifetime</td><td class="v">1440</td><td class="v">1440</td></tr>
    <tr><td class="e">session.gc_probability</td><td class="v">1</td><td class="v">1</td></tr>
    <tr><td class="e"></td><td class="v">PHPSESSID</td><td class="v">PHPSESSID</td></tr>
    <tr><td class="e">session.referer_check</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">session.save_handler</td><td class="v">files</td><td class="v">files</td></tr>
    <tr><td class="e">session.save_path</td><td class="v">/tmp</td><td class="v">/tmp</td></tr>
    <tr><td class="e">session.serialize_handler</td><td class="v">php</td><td class="v">php</td></tr>
    <tr><td class="e">session.use_cookies</td><td class="v">On</td><td class="v">On</td></tr>
    <tr><td class="e">session.use_only_cookies</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">session.use_trans_sid</td><td class="v">Off</td><td class="v">Off</td></tr>
    </table><br />
    <h2><a name="module_standard">standard</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">Regex Library </td><td class="v">Bundled library enabled </td></tr>
    <tr><td class="e">Dynamic Library Support </td><td class="v">enabled </td></tr>
    <tr><td class="e">Internal Sendmail Support for Windows </td><td class="v">enabled </td></tr>
    </table><br />
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>Directive</th><th>Local Value</th><th>Master Value</th></tr>
    <tr><td class="e"></td><td class="v">1</td><td class="v">1</td></tr>
    <tr><td class="e">assert.bail</td><td class="v">0</td><td class="v">0</td></tr>
    <tr><td class="e">assert.callback</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">assert.quiet_eval</td><td class="v">0</td><td class="v">0</td></tr>
    <tr><td class="e">assert.warning</td><td class="v">1</td><td class="v">1</td></tr>
    <tr><td class="e">auto_detect_line_endings</td><td class="v">0</td><td class="v">0</td></tr>
    <tr><td class="e">default_socket_timeout</td><td class="v">60</td><td class="v">60</td></tr>
    <tr><td class="e">safe_mode_allowed_env_vars</td><td class="v">PHP_</td><td class="v">PHP_</td></tr>
    <tr><td class="e">safe_mode_protected_env_vars</td><td class="v">LD_LIBRARY_PATH</td><td class="v">LD_LIBRARY_PATH</td></tr>
    <tr><td class="e">url_rewriter.tags</td><td class="v">a=href,area=href,frame=src,input=src,form=fakeentry</td><td class="v">a=href,area=href,frame=src,input=src,form=fakeentry</td></tr>
    <tr><td class="e">user_agent</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    </table><br />
    <h2><a name="module_tokenizer">tokenizer</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">Tokenizer Support </td><td class="v">enabled </td></tr>
    </table><br />
    <h2><a name="module_wddx">wddx</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>WDDX Support</th><th>enabled</th></tr>
    <tr><td class="e">WDDX Session Serializer </td><td class="v">enabled </td></tr>
    </table><br />
    <h2><a name="module_xml">xml</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">XML Support </td><td class="v">active </td></tr>
    <tr><td class="e">XML Namespace Support </td><td class="v">active </td></tr>
    <tr><td class="e">EXPAT Version </td><td class="v">1.95.6 </td></tr>
    </table><br />
    <h2><a name="module_zlib">zlib</a></h2>
    <table border="0" cellpadding="3" width="600">
    <tr><td class="e">ZLib Support </td><td class="v">enabled </td></tr>
    <tr><td class="e">Compiled Version </td><td class="v">1.1.4 </td></tr>
    <tr><td class="e">Linked Version </td><td class="v">1.1.4 </td></tr>
    </table><br />
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>Directive</th><th>Local Value</th><th>Master Value</th></tr>
    <tr><td class="e">zlib.output_compression</td><td class="v">Off</td><td class="v">Off</td></tr>
    <tr><td class="e">zlib.output_compression_level</td><td class="v">-1</td><td class="v">-1</td></tr>
    <tr><td class="e">zlib.output_handler</td><td class="v"><i>no value</i></td><td class="v"><i>no value</i></td></tr>
    </table><br />
    <h2>Additional Modules</h2>
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>Module Name</th></tr>
    </table><br />
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>Variable</th><th>Value</th></tr>
    <tr><td class="e">ALLUSERSPROFILE </td><td class="v">C:\Documents and Settings\All Users </td></tr>
    <tr><td class="e">CATALINA_HOME </td><td class="v">C:\tomcat\jakarta-tomcat-4.0.3 </td></tr>
    <tr><td class="e">CommonProgramFiles </td><td class="v">C:\Program Files\Common Files </td></tr>
    <tr><td class="e">COMPUTERNAME </td><td class="v">JONNY </td></tr>
    <tr><td class="e">ComSpec </td><td class="v">C:\WINNT\system32\cmd.exe </td></tr>
    <tr><td class="e">JAVA_HOME </td><td class="v">C:\j2sdk1.4.1_01 </td></tr>
    <tr><td class="e">NUMBER_OF_PROCESSORS </td><td class="v">1 </td></tr>
    <tr><td class="e">OS </td><td class="v">Windows_NT </td></tr>
    <tr><td class="e">Os2LibPath </td><td class="v">C:\WINNT\system32\os2\dll; </td></tr>
    <tr><td class="e">Path </td><td class="v">c:\perl\bin;C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\Common Files\GTK\2.0\bin;C:\gs\gs7.04\bin;"C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier";c:\OURDB\Im5i32;c:\OURDB\Sys32;c:\SQLANY50\win32 </td></tr>
    <tr><td class="e">PATHEXT </td><td class="v">.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH </td></tr>
    <tr><td class="e">PROCESSOR_ARCHITECTURE </td><td class="v">x86 </td></tr>
    <tr><td class="e">PROCESSOR_IDENTIFIER </td><td class="v">x86 Family 6 Model 9 Stepping 5, GenuineIntel </td></tr>
    <tr><td class="e">PROCESSOR_LEVEL </td><td class="v">6 </td></tr>
    <tr><td class="e">PROCESSOR_REVISION </td><td class="v">0905 </td></tr>
    <tr><td class="e">ProgramFiles </td><td class="v">C:\Program Files </td></tr>
    <tr><td class="e">SystemDrive </td><td class="v">C: </td></tr>
    <tr><td class="e">SystemRoot </td><td class="v">C:\WINNT </td></tr>
    <tr><td class="e">TEMP </td><td class="v">C:\WINNT\TEMP </td></tr>
    <tr><td class="e">TMP </td><td class="v">C:\WINNT\TEMP </td></tr>
    <tr><td class="e">tvdumpflags </td><td class="v">10 </td></tr>
    <tr><td class="e">USERPROFILE </td><td class="v">C:\Documents and Settings\Default User </td></tr>
    <tr><td class="e">windir </td><td class="v">C:\WINNT </td></tr>
    </table><br />
    <h2>PHP Variables</h2>
    <table border="0" cellpadding="3" width="600">
    <tr class="h"><th>Variable</th><th>Value</th></tr>
    <tr><td class="e">_SERVER["COMSPEC"]</td><td class="v">C:\WINNT\system32\cmd.exe</td></tr>
    <tr><td class="e">_SERVER["DOCUMENT_ROOT"]</td><td class="v">c:/documents and settings/jonny/my documents/cmstest/htdocs</td></tr>
    <tr><td class="e">_SERVER["HTTP_ACCEPT"]</td><td class="v">image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/, application/, application/msword, */*</td></tr>
    <tr><td class="e">_SERVER["HTTP_ACCEPT_LANGUAGE"]</td><td class="v">en-gb</td></tr>
    <tr><td class="e">_SERVER["HTTP_CONNECTION"]</td><td class="v">Keep-Alive</td></tr>
    <tr><td class="e">_SERVER["HTTP_HOST"]</td><td class="v">www.cmstest.test</td></tr>
    <tr><td class="e">_SERVER["HTTP_USER_AGENT"]</td><td class="v">Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)</td></tr>
    <tr><td class="e">_SERVER["HTTP_XXXXXXXXXXXXXXX"]</td><td class="v">XXXXXXXXXXXXX</td></tr>
    <tr><td class="e">_SERVER["PATH"]</td><td class="v">c:\perl\bin;C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\Common Files\GTK\2.0\bin;C:\gs\gs7.04\bin;"C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier";c:\OURDB\Im5i32;c:\OURDB\Sys32;c:\SQLANY50\win32</td></tr>
    <tr><td class="e">_SERVER["REMOTE_ADDR"]</td><td class="v"></td></tr>
    <tr><td class="e">_SERVER["REMOTE_PORT"]</td><td class="v">1174</td></tr>
    <tr><td class="e">_SERVER["SCRIPT_FILENAME"]</td><td class="v">c:/documents and settings/jonny/my documents/cmstest/htdocs/phpinfo.php</td></tr>
    <tr><td class="e">_SERVER["SERVER_ADDR"]</td><td class="v"></td></tr>
    <tr><td class="e">_SERVER["SERVER_ADMIN"]</td><td class="v"></td></tr>
    <tr><td class="e">_SERVER["SERVER_NAME"]</td><td class="v">www.nacvs.test</td></tr>
    <tr><td class="e">_SERVER["SERVER_PORT"]</td><td class="v">80</td></tr>
    <tr><td class="e">_SERVER["SERVER_SIGNATURE"]</td><td class="v">&lt;ADDRESS&gt;Apache/1.3.29 Server at www.nacvs.test Port 80&lt;/ADDRESS&gt;
    <tr><td class="e">_SERVER["SERVER_SOFTWARE"]</td><td class="v">Apache/1.3.29 (Win32) PHP/4.3.4</td></tr>
    <tr><td class="e">_SERVER["SystemRoot"]</td><td class="v">C:\WINNT</td></tr>
    <tr><td class="e">_SERVER["WINDIR"]</td><td class="v">C:\WINNT</td></tr>
    <tr><td class="e">_SERVER["GATEWAY_INTERFACE"]</td><td class="v">CGI/1.1</td></tr>
    <tr><td class="e">_SERVER["SERVER_PROTOCOL"]</td><td class="v">HTTP/1.1</td></tr>
    <tr><td class="e">_SERVER["REQUEST_METHOD"]</td><td class="v">GET</td></tr>
    <tr><td class="e">_SERVER["QUERY_STRING"]</td><td class="v"><i>no value</i></td></tr>
    <tr><td class="e">_SERVER["REQUEST_URI"]</td><td class="v">/phpinfo.php</td></tr>
    <tr><td class="e">_SERVER["SCRIPT_NAME"]</td><td class="v">/phpinfo.php</td></tr>
    <tr><td class="e">_SERVER["PATH_TRANSLATED"]</td><td class="v">c:/documents and settings/jonny/my documents/cmstest/htdocs/phpinfo.php</td></tr>
    <tr><td class="e">_SERVER["PHP_SELF"]</td><td class="v">/phpinfo.php</td></tr>
    </table><br />
    <h2>PHP License</h2>
    <table border="0" cellpadding="3" width="600">
    <tr class="v"><td>
    This program is free software; you can redistribute it and/or modify it under the terms of the PHP License as published by the PHP Group and included in the distribution in the file:  LICENSE
    <p>This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
    <p>If you did not receive a copy of the PHP license, or have any questions about PHP licensing, please contact
    </table><br />

    LVL 27

    Expert Comment

    ok, i don't think it is a problem with your configuration.

    I have also just accessed both of the pages you linked to in both IE and Firefox. The session id is retained in Firefox but changes on every refresh in IE. It appears that the cookie is not being set since it is not present in the Temporary Internet Files which would explain why the session id is not being retained. It does not however, explain why the cookie is being set in Firefox and not IE.

    You may be able to work around the problem as a temporary solution by setting session.use_trans_sid on in your php.ini configuration file. This means the session id will be passed in the url, it's not a great method at all but it will cover for the IE problem for now. (note: after changes are made to the php.ini file your webserver must be reset).

    I am back to thinking it's a problem in the coding of the script but there is a great deal of inconsistency in what’s happening. A couple of idea's to try:

    1. Add the following to the top of the script:


    This will turn on all errors and may help to locate the problem.

    2. If you have any header redirects occurring you might try adding:


    Just before the header("location...

    3. This IE fix is usually used when using sessions and form data, however, try adding:

    header("Cache-Control: private");

    after session_start();

    Failing all of the above i would like to take a look at your script if possible.


    Author Comment

    diablo: thanks for your suggestions on this. I have upped the point to 300 as it seems a lot of work.

    a/ i think i know what the issue is now but it leaves some things unexplained

    b/ i turned off zone alarm and the pages displayed as they should but:

    * why was the problem only affecting locally served files (ie from
    * why did it effect only some session variables?
    * why did you get effected using ie from internet based files but i did not?

    c/ i think perhaps i should send the script. How should i do this?


    LVL 27

    Expert Comment

    I am afraid i cannot answer your questions under b/ at this point in time, as i mentioned above there is a lot of inconsistency here which makes it difficult to pin point the cause. Hopefully by looking at your code i will be able to identify the culprit.

    We are not allowed to communicate via email so if you could either post your code here (if it's not too large in size) or upload it to your server with a .txt extension and post a link so i can view it that way.


    Author Comment


    Having given this some thought, I am wondering if the answer might be this:

    only some session variables SEEM to get effected. The session is detroyed becuase of zone alarm, it seems, on my system here. I inlcue the code further down this comment

    but the code, in each page checks to see if a session exists and if not creates three session variables (variables to do with menus, site files and site sections); the code does not re-create the session variables i used for logging in, for obvious reasons.

    But i am still puzzled as to why you had problems using an Internet based service (unless you alos had a firewall on) and why IE6 showed the porblems and not Firefox.

    Also how do you make sure that the session does not rely on cookies:

    how od you test for cookies allowed and how do you switch session implementation if cookies are not allowed.

    Perhaps this is the real issue here.

    Code for pages follows

    Here is the relevant part of a page. It occurs in the head section.

    include 'C:/Documents and Settings/jonny/My Documents/cmstest/htdocs/includepath.php';
    include $GLOBALS['includePath'].'incs/';
    //check for whether coming from printpage.php
    include $GLOBALS['includePath'].'incs/pf.php';

    $title= "PAGE TITLE HERE";

    includepath indicates where to get the include files (i dont have root control of the server so cant edit php.ini) holds all the session information (see below) and holds scripts to produce a printer friendly output follows

    //load menu class
    include $GLOBALS['includePath'].'menu.php';
    //load breadcrumb class
    include $GLOBALS['includePath'].'breadcrumb.php';
    //load site menu items class
    include $GLOBALS['includePath'].'siteMenuItems.php';
    //load site files class
    include $GLOBALS['includePath'].'siteFilesCollection.php';
    //load site sections class
    include $GLOBALS['includePath'].'siteSectionCollection.php';
    //load gloabl array
    include $GLOBALS['includePath'].'globals.php';
    //only pick up session-init if new session; hasSession is set in
    if (!(isset($_SESSION['hasSession']))){

          //do nowt
    //grab current page for printer friendly becuase some brwosers do not implement referrer env variable
    $_SESSION['referer'] = $_SERVER['PHP_SELF'];
    //use get rather than request so as to eliminate session id
    //but not if $_GET[nopf]
    if (!(isset($_GET['nopf']))){
    $_SESSION['get'] = $_GET;

    //load errors class
    include $GLOBALS['includePath'].'errorSetUp.php';
    //load some handy things
    include $GLOBALS['includePath'].'utils.php';
    //initialise objects from sessions
    //initailise site men items
    $smi = $_SESSION['smi'];
    initialise site files collection
    $sfc = $_SESSION['sfc'];
    //initialise site section collection
    $ssc = $_SESSION['ssc'];
    //initialise new menu object
    $m = new menu($smi,$sfc);
    //initialise new breadcrumb object
    $bcrumb = new breadcrumb($ssc,$sfc);
    ?> follows

    //session marker
    $_SESSION['hasSession'] = '1';

    //main session vars

    //site menu
    $_SESSION['smi'] = new siteMenuItems($GLOBALS['menuFile']);

    //site files
    $_SESSION['sfc'] = new siteFilesCollection($GLOBALS['siteFiles']);

    //site sections

    $_SESSION['ssc'] = new siteSectionCollection($GLOBALS['siteSections']);


    What do you think?

    LVL 27

    Accepted Solution

    I cannot see any errors in your code, only that, if any of your include files prior to session_start() use the session array, you are going to have problems because the session data wont have been initialized. Ideally session_start() should be at the top before anything else. This does not, however, explain why it works in some scenarios and not in others.

    Debugging a problem like this remotely is very difficult, even if i could see every file you are working with it would be very hard without having some indication of what the source of the error is. If the problem can be recreated on a smaller scale it might give us something to work with. If we could guarantee that the cause of the problem was Zone Alarm then that would be something but that doesn't seem to be the only factor. I am working behind both a hardware and software firewall but i have never experienced problems with session cookies not being set as was the case with your page in IE. It also leaves the mystery of why some session variable are being set and others are not... this suggests that in some cases the session cookie is being set, in other it is not... or at some point it is getting deleted.

    If you set session.use_trans_sid to on in the php.ini then the session id will be passed via the url if the cookie cannot be set... it also means that when the url needs to be used all a tags (and other links) will automatically be rewritten by php to include the session id. In theory this should work around the problem... but frankly as i am having trouble identifying what the problem is i can't be 100% sure.

    If you do not have access to the php.ini file you can also add:
    to the top of the script OR add:
    php_flag session.use_trans_sid On
    to a .htaccess file if your web server is Apache.

    The only thing i can think of besides that is, did you try adding: error_reporting(E_ALL);
    To the top of your script to see if there are any errors?

    I am afraid i have just about run dry on ideas here, if i could recreate the problem then i could work out a way to solve it but as it stands, there is no clear indication of what the problem is.


    Author Comment

    OK thanks Diablo
    You have given me plentyto work with for now and i will accept your answer; without your input it wold have takne me ages to find the zone alarm issue and you have done enought work!

    all the best

    LVL 27

    Expert Comment

    No problem, Jonny. I'm only sorry that i couldn't have been more help with this issue.

    Best wishes,


    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    Join & Write a Comment

    Popularity Can Be Measured Sometimes we deal with questions of popularity, and we need a way to collect opinions from our clients.  This article shows a simple teaching example of how we might elect a favorite color by letting our clients vote for …
    Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
    Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
    The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now