• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1200
  • Last Modified:

Word Press destroys session data

Hey all

Below you will see a block of code which uses Word Press header functions. Couple of days back I realised that after the WP code was parsed my applications SESSION data was being erased. You will see my quick fix to avoid headaches and I would like to know a better way of getting around the problem

Thats not all!

The second block of code shows how I include two seperate files to make the page (2 column page). The right side attempts to include "pages_right/.php" so the variable $adminpage is not longer set and I do not get an error saying so and should if its really not defined!

I removed the WP code and both pages showed fine so its the original problem causing this also. But I can't fix it the same way! The other problem with SESSIONS allowed me to define variables in the same file as where the word press code is but its not allowing me to reverse it and put the value into a SESSION or simply do $adminpage = $adminpage!

I'm confused about the whole thing now! Before I could say Word Press was erasing SESSIONS but now I don't know what its doing.

Any help would get this development moving again thanks
<?php 			
# PUT LOGIN SESSIONS IN VARIABLE AS WORD PRESS DELETES THEM
if(isset($_SESSION['auth'])){$session_auth = $_SESSION['auth'];}
if(isset($_SESSION['member'])){$session_member = $_SESSION['member'];}
 
# INCLUDE WORDPRESS HEADER
define('WP_USE_THEMES', false);
require('blog/wp-blog-header.php');
query_posts('cat=74&showposts=10'); while (have_posts()) : the_post(); ?>
<p><strong><?php the_title();?></strong>
	<?php the_excerpt(); ?></p>
<p class="dotLine1"><a href="http://www.webtechglobal.co.uk/index.php?page=df/blog&amp;blogframe=archives/<?php echo $wp_id;?>" title="View more" target="_blank" class="viewMore">View more</a></p>
<?php endwhile; 
 
# WORDPRESS DELETES SESSIONS - RESET THEM HERE
if(isset($session_auth)){$_SESSION['auth'] = $session_auth;}
if(isset($session_member)){$_SESSION['member'] = $session_member;}
?> 
 
SECOND BLOCK
 
else{include('pages_left/'.$adminpage.'.php'); if(!isset($adminpage)){echo "WP DESTROYS DATA";}require('pages_right/'.$adminpage.'.php');}

Open in new window

0
Ryan Bayne
Asked:
Ryan Bayne
  • 2
1 Solution
 
Ray PaseurCommented:
This almost certainly has to do with the use of subdomains and the way cookies work.  The way Wordpress sets its session cookies could be considered "defective" or at best, "special."

When you start a session in PHP, you often get the session identifier put into a cookie.  It can be in the URL, but that is not likely to be the case here.  It the session ID was in the URL, things would probably work fine.

When a cookie is set, it can be set for the entire domain or for just a subdomain.  If I set a cookie for 'www.domain.com' it is NOT AVAILABLE to 'domain.com' unless I do some extra work.  My expectation is that Wordpress is setting a cookie that is not usable across subdomains.

The code at the top of this script shows what you need to change, and the code at the bottom enables you to run the script and see the results.

HTH, ~Ray
<?php // RAY_session_cookie_domain.php
// DEMONSTRATE HOW TO START SESSIONS THAT WORK IN DIFFERENT SUBDOMAINS
error_reporting(E_ALL);
 
 
// MAKE THE COOKIE AVAILABLE TO SUBDOMAINS - DOMAIN NAME STARTS WITH DOT AND OMITS WWW OR OTHER SUBDOMAINS.
$x = explode('.', strtolower($_SERVER["HTTP_HOST"]));
if (!is_array($x)) // MAYBE 'localhost'?
{
   $host = $x;
} else // SOMETHING LIKE 'www2.atf70.whitehouse.gov'?
{
   $y    = count($x);
   $host = '.' . $x[$y-2] . '.' . $x[$y-1];
}
 
// START THE SESSION AND SET THE COOKIE FOR ALL SUBDOMAINS
$sess_name = session_name();
if (session_start())
{
	setcookie($sess_name, session_id(), NULL, '/', $host, FALSE, TRUE);
}
 
 
// LOAD UP SOME INFORMATION TO SHOW SESSION CONTENTS
$_SESSION["cheese"] = "Cheddar";
if (!isset($_SESSION["count"])) $_SESSION["count"] = 0;
$_SESSION["count"] ++;
 
 
// PUT UP TWO LINKS WITH DIFFERENT SUBDOMAINS
$gost = substr($host,1); // STRIP OFF THE DOT THAT WAS NEEDED FOR SETCOOKIE
$dmn_link = 'http://'    . $gost . '/RAY_dump_session.php';
$www_link = 'http://www' . $host . '/RAY_dump_session.php';
 
echo "<br/><a target=\"_blank\" href=\"$www_link\">$www_link</a>\n";
echo "<br/><a target=\"_blank\" href=\"$dmn_link\">$dmn_link</a>\n";
 
 
// SHOW WHAT IS IN COOKIE AND IN $_SESSION
echo "<pre>";
echo "COOKIE ";
var_dump($_COOKIE);
echo "\n\n";
echo "SESSION ";
var_dump($_SESSION);
 
echo "</pre>\n";
 
 
 
?>
<form method="post">
<input type="submit" value="CLICK ME" />
</form>

Open in new window

0
 
Ryan BayneWordPress DeveloperAuthor Commented:
Nice one big bit of education there I can't remember reading that domain.com is different to www.domain.com when dealing with sessions.

Thanks for that code
0
 
Ray PaseurCommented:
Glad to help!  Thanks for the points, ~Ray
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now