Solved

PHP Session broken after server (Linux Redhat) move

Posted on 2010-09-24
5
257 Views
Last Modified: 2013-12-12
I have a login section of my website that features a sessionvalidate.php script that is included on each page to make sure that a person is authorized to view the web page.  The server move was a lateral move with PHP 5 and MySQL 5 and Apache on both machines.  Obviously there is some PHP variable not turned on possibly?

Here is the code for the validate page that works on the original server and not on the new server.

<?Php
	session_start();
	include "../scripts/dbconnection.php";
	$myConn		= dbConnect();
	if(myConn==false)	header("Location: index.php?errCode=-3");
	
	$session_array=$HTTP_SESSION_VARS;
	if($session_array){
		$adminid	= $session_array['adminid'];
		$adminuser	= $session_array['adminuser'];
		$sql 		= "";
		$sql 		= "SELECT * FROM tbl_admin 
						WHERE user_uid='$adminid' AND
						username='$adminuser'";
		if(mysql_num_rows(mysql_query($sql,$myConn))<1)
		{
			header("Location: index.php?errCode=-4");
		}
	}else{
		header("Location: index.php");
	}
?>

Open in new window

0
Comment
Question by:pda4me
  • 3
  • 2
5 Comments
 
LVL 7

Expert Comment

by:ziceva
ID: 33752425
You did not tell us what the actual error is ...
This is the script, but when you run it, where does it take you? index.php, index.php?errCode=-3 or index.php?errCode=-4?

Also, I would suggest using $_SESSION instead of $HTTP_SESSION_VARS ....
0
 

Author Comment

by:pda4me
ID: 33752466
ziceva, that worked!  I changed it to $_SESSION and its working fine?  Why is that, what is the difference?
0
 
LVL 7

Expert Comment

by:ziceva
ID: 33752587
$HTTP_SESSION_VARS is the deprecated version of $_SESSION (php4 or so)
0
 
LVL 7

Accepted Solution

by:
ziceva earned 500 total points
ID: 33752610
And a more complete answer

$_SESSION

$_SESSION variable is an associative array hold session variable available to the current script. This is automatic global variable also called super global variable. By default, this variable is available in all scopes throughout the script.

$HTTP_SESSION_VARS

Despite of $_SESSION variable, $HTTP_SESSION_VARS variable is not by default auto global but hold same information as $_SESSION variable. register_globals directive is required to set in php.ini file to make this variable available throughout the script.

So the register_globals was the culprit ... anyway, it is good practice to use $_SESSION instead of $HTTP_SESSION_VARS

0
 

Author Closing Comment

by:pda4me
ID: 33752645
Awesome help and one of the most complete answers I have ever had from an Expert.  Thanks for the help!
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now