We help IT Professionals succeed at work.

PHP session variables not passed

sabecs
sabecs asked
on
I have a file that checks login details and sets session variables as below:

File is located in www.mywebsite.com/subfolder/check_login.php

$_SESSION['user'] = "OK";
$_SESSION['id'] = $row_user['id'];
$_SESSION['contact'] = $row_user['contact'];

If I execute my test.php file below in www.mywebsite.com/subfolder/test.php
Session variables are OK,

But if I put test.php in my root folder www.mywebsite.com/test.php session variables are not found?

Test.php
<?php session_start();
echo "session user".$_SESSION['user'];
echo $_SESSION['userid'];
echo $_SESSION['contact'];            
?>

What is causing this and how can I rectify?

Thanks in advance for your feedback.
Comment
Watch Question

Shinesh PremrajanEngineering Manager

Commented:
did your check_login.php page has the session_start() define in the top of the page?
Most Valuable Expert 2011
Top Expert 2016

Commented:
Session variables may be influenced by the subdomain or directory structure because session cookies are not set with all the parameters you want.  In other words, a session cookie from the "main" page may not be available to the other pages that are not in the same directory tree.

You may want to set your session cookie yourself, something like this:
// START THE SESSION AND SET THE COOKIE
$sess_name = session_name();
if (session_start())
{
// MAN PAGE http://us.php.net/manual/en/function.setcookie.php
    setcookie($sess_name, session_id(), NULL, '/');
}

Open in new window

You have included the check_login.php file in the test.php file.

Please check the path is correct or not.
Most Valuable Expert 2011
Top Expert 2016

Commented:

Commented:
Session variables are specific to a domain, so if your domain name points to the subdirectory, then any session variables are not available to any script not beneath that domain name.
looks like two diffrent sub folders to me.. u are testing it in www.mywebsite.com/test.php   where the check login is www.mywebsite.com/subfolder/check_login.php

they should both be the same e.g

www.mywebsite.com/subfolder/check_login.php
www.mywebsite.com/subfolder/test.php

Author

Commented:
Thanks for your feedback, I can see session variables getting created in
www.mywebsite.com/subfolder/

Can I get www.mywebsite.com/test.php to look for sessions in www.mywebsite.com/subfolder/
why not just put them both in the same folder?
Most Valuable Expert 2011
Top Expert 2016
Commented:
If you use the design pattern I have shown above, your session will work across different directories.

You can use var_dump($_SESSION); to see what is in the session array.

It may go without saying, but I will say it anyway because PHP does not help us much here, but you MUST do the session_start() command on EVERY page and before any browser output at all, including whitespace.  

If I were the architect of PHP, I would make the $_SESSION array immutable and raise a fatal error if an attempt were made to change it when the session is not active.  Such a scheme would save you from this kind of debugging exercise.  But since we cannot have that, we must follow the correct processes in the correct order.

Best regards, ~Ray

Author

Commented:
Thanks Ray.
Most Valuable Expert 2011
Top Expert 2016

Commented:
Thanks for the points - it's a good question. ~Ray