We help IT Professionals succeed at work.

Don't quite understand session_start();

davidsperling
on
381 Views
Last Modified: 2010-05-18
Hi experts! I'm modifying an open source community script and ran into some headache...

The site used register_globals for session data and that worked just fine on Hotel #1. However, on Hotel #2 they run PHP5 with Safe Mode on so I had to rewrite the code with session_start() instead.

You know...

<?
session_start();
$_SESSION["MyVar"]="Hello";
...
?>

Works almost fine. I'ts just that you'll have to login twice. (Or try to reach a restricted page befor you login)

As you can see from the log below (if you haven't fallen asleep...), the script uses a lot if include files.

This line verifies that $_SESSION[user][logged] is set:
0001204495,"Login.php:  session(user)(logged)=yes","2007-06-12 22:22:09",

Then it's time for app-head.php again - and now it's not set:
0001204504,"app-head.php: session(user)(logged)= ","2007-06-12 22:22:09",

And not in member.php either:
the app-head.php above is included in member.php with require_once("app-head.php")
0001204507,"Member.php: A - _session[user][logged]=","2007-06-12 22:22:09",

So, we'll have to login again then. It works in login.php this time too:
0001204534,"Login.php:  session(user)(logged)=yes","2007-06-12 22:22:19",

And now it also works in app-head.php (which is required_once by almost every page):
0001204543,"app-head.php: session(user)(logged)= yes","2007-06-12 22:22:19",

We're up and running!

But I don't wanna login twice.... See my problem?
Thought I was gonna find a solution fast, but no... I need help on this one!



HERE'S MY DEBUG TABLE (in MySql):

Query SELECT * FROM q_ht_debug_log where date_time >= '2007-06-12 22:',

"debug_id","debug_msg","date_time","millisec"
0001204475,"version.php","2007-06-12 22:21:59",
0001204476,"app-head.php: session(user)(logged)= ","2007-06-12 22:21:59",
0001204477,"index.php","2007-06-12 22:21:59",
0001204478,"template-loader.php","2007-06-12 22:21:59",
0001204479,"templates->section-main.php: ChoosePage=index.php","2007-06-12 22:21:59",
0001204480,"tpl-index.php","2007-06-12 22:21:59",
0001204481,"home-left.php","2007-06-12 22:21:59",
0001204482,"login-box.php","2007-06-12 22:21:59",
0001204483,"app-foot.php","2007-06-12 22:21:59",
0001204484,"version.php","2007-06-12 22:22:09",
0001204485,"app-head.php: session(user)(logged)= ","2007-06-12 22:22:09",
0001204486,"login.php","2007-06-12 22:22:09",
0001204487,"Login.php: A","2007-06-12 22:22:09",
0001204488,"Login.php: D","2007-06-12 22:22:09",
0001204489,"clean-dblog.php","2007-06-12 22:22:09",
0001204490,"Login.php: E","2007-06-12 22:22:09",
0001204491,"Login.php: F","2007-06-12 22:22:09",
0001204492,"Login.php: J","2007-06-12 22:22:09",
0001204493,"Login.php: L","2007-06-12 22:22:09",
0001204494,"Login.php: M","2007-06-12 22:22:09",
0001204495,"Login.php:  session(user)(logged)=yes","2007-06-12 22:22:09",
0001204496,"Login.php: N","2007-06-12 22:22:09",
0001204497,"Login.php: O","2007-06-12 22:22:09",
0001204498,"Login.php: P","2007-06-12 22:22:09",
0001204499,"Login.php: R","2007-06-12 22:22:09",
0001204500,"Login.php: S","2007-06-12 22:22:09",
0001204501,"Login.php: T","2007-06-12 22:22:09",
0001204502,"Login.php: U","2007-06-12 22:22:09",
0001204503,"version.php","2007-06-12 22:22:09",
0001204504,"app-head.php: session(user)(logged)= ","2007-06-12 22:22:09",
0001204505,"member.php","2007-06-12 22:22:09",
0001204506,"Member.php: A - Shouldnt be here","2007-06-12 22:22:09",
0001204507,"Member.php: A - _session[user][logged]=","2007-06-12 22:22:09",
0001204508,"Member.php: A - UserLogged=","2007-06-12 22:22:09",
0001204509,"get-profile.php","2007-06-12 22:22:09",
0001204510,"template-loader.php","2007-06-12 22:22:09",
0001204511,"templates->section-main.php: ChoosePage=member.php","2007-06-12 22:22:09",
0001204512,"tpl-member.php","2007-06-12 22:22:09",
0001204513,"app-foot.php","2007-06-12 22:22:09",
0001204514,"version.php","2007-06-12 22:22:09",
0001204515,"app-head.php: session(user)(logged)= ","2007-06-12 22:22:09",
0001204516,"index.php","2007-06-12 22:22:09",
0001204517,"template-loader.php","2007-06-12 22:22:09",
0001204518,"templates->section-main.php: ChoosePage=index.php","2007-06-12 22:22:09",
0001204519,"tpl-index.php","2007-06-12 22:22:09",
0001204520,"home-left.php","2007-06-12 22:22:09",
0001204521,"login-box.php","2007-06-12 22:22:09",
0001204522,"app-foot.php","2007-06-12 22:22:09",
0001204523,"version.php","2007-06-12 22:22:19",
0001204524,"app-head.php: session(user)(logged)= ","2007-06-12 22:22:19",
0001204525,"login.php","2007-06-12 22:22:19",
0001204526,"Login.php: A","2007-06-12 22:22:19",
0001204527,"Login.php: D","2007-06-12 22:22:19",
0001204528,"clean-dblog.php","2007-06-12 22:22:19",
0001204529,"Login.php: E","2007-06-12 22:22:19",
0001204530,"Login.php: F","2007-06-12 22:22:19",
0001204531,"Login.php: J","2007-06-12 22:22:19",
0001204532,"Login.php: L","2007-06-12 22:22:19",
0001204533,"Login.php: M","2007-06-12 22:22:19",
0001204534,"Login.php:  session(user)(logged)=yes","2007-06-12 22:22:19",
0001204535,"Login.php: N","2007-06-12 22:22:19",
0001204536,"Login.php: O","2007-06-12 22:22:19",
0001204537,"Login.php: P","2007-06-12 22:22:19",
0001204538,"Login.php: R","2007-06-12 22:22:19",
0001204539,"Login.php: S","2007-06-12 22:22:19",
0001204540,"Login.php: T","2007-06-12 22:22:19",
0001204541,"Login.php: U","2007-06-12 22:22:19",
0001204542,"version.php","2007-06-12 22:22:19",
0001204543,"app-head.php: session(user)(logged)= yes","2007-06-12 22:22:19",
0001204544,"member.php","2007-06-12 22:22:19",
0001204545,"get-profile.php","2007-06-12 22:22:19",
0001204546,"template-loader.php","2007-06-12 22:22:19",
0001204547,"templates->section-main.php: ChoosePage=member.php","2007-06-12 22:22:19",
0001204548,"tpl-member.php","2007-06-12 22:22:19",
0001204549,"app-foot.php","2007-06-12 22:22:19",
Comment
Watch Question

Are you coding session_start(); on each page?
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
>Are you coding session_start(); on each page?

-No, should I? I think i use it in app-head.php only. Maybe somewhere else, don't remember the last state ;-) If I use it in too many places, login doesn't work at all.

What is the logic behind session_start() ?

Author

Commented:
>On your first page (May be index.php), session is not getting created.
>use session_destroy first and then use session_start

I'll try that!

You mean like this?

index.php:
--------------

<?
 session_destroy(); //destroy old session data?
 session_start();
 $_SESSION("David")="Yo"; //will now work 'til index.php is called for again...
?>


Ya
You do not need session_destroy() - and in fact - it may degredate the values of the stored session.

I believe the problem was simply that you were not using session_start() on each page.
session_start() initializes the session for the called page.
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Right - and I believe that is because session_start() was not being carried forward to each "subsequent" page that was being called in your authentication routine.

First page needs session_start(); and then ANY page that uses the $_SESSION needs session_start();

that should solve your problem.

Author

Commented:
Ich habe es gefunden! Jawohl!

The problem was in config.php...

//URL and path
//root url (must be http://yourserver.yourdomain.com)
$home_url = "http://www.mydomain.se";  //end without trailing slash.


$home_url was set to an alternative domain name that also works - but not until the second time!

So much time for such a stupid bug :-)


Author

Commented:
And the fix for it...

Config.php (allways required_once)
-------------


//URL and path
//root url (must be http://yourserver.yourdomain.com)
//$home_url = "http://yourserver.yourdomain.com";  //end without trailing slash.


//Add support for multiple domain names, with or without www... /DS 2007
//(This is the fix for the "log in twice bug")

if(!isset($_SESSION["home_url"]))
{
    //The first time only (user goes to adress http://(www.)domainname.xxx)
    $home_url="http://".$_SERVER["HTTP_HOST"];
}
else
{
    //ev'ry other time
    $home_url=$_SESSION["home_url"];
}

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.