• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 274
  • Last Modified:

PHP Session broken after server (Linux Redhat) move

I have a login section of my website that features a sessionvalidate.php script that is included on each page to make sure that a person is authorized to view the web page.  The server move was a lateral move with PHP 5 and MySQL 5 and Apache on both machines.  Obviously there is some PHP variable not turned on possibly?

Here is the code for the validate page that works on the original server and not on the new server.

<?Php
	session_start();
	include "../scripts/dbconnection.php";
	$myConn		= dbConnect();
	if(myConn==false)	header("Location: index.php?errCode=-3");
	
	$session_array=$HTTP_SESSION_VARS;
	if($session_array){
		$adminid	= $session_array['adminid'];
		$adminuser	= $session_array['adminuser'];
		$sql 		= "";
		$sql 		= "SELECT * FROM tbl_admin 
						WHERE user_uid='$adminid' AND
						username='$adminuser'";
		if(mysql_num_rows(mysql_query($sql,$myConn))<1)
		{
			header("Location: index.php?errCode=-4");
		}
	}else{
		header("Location: index.php");
	}
?>

Open in new window

0
pda4me
Asked:
pda4me
  • 3
  • 2
1 Solution
 
zicevaCommented:
You did not tell us what the actual error is ...
This is the script, but when you run it, where does it take you? index.php, index.php?errCode=-3 or index.php?errCode=-4?

Also, I would suggest using $_SESSION instead of $HTTP_SESSION_VARS ....
0
 
pda4meAuthor Commented:
ziceva, that worked!  I changed it to $_SESSION and its working fine?  Why is that, what is the difference?
0
 
zicevaCommented:
$HTTP_SESSION_VARS is the deprecated version of $_SESSION (php4 or so)
0
 
zicevaCommented:
And a more complete answer

$_SESSION

$_SESSION variable is an associative array hold session variable available to the current script. This is automatic global variable also called super global variable. By default, this variable is available in all scopes throughout the script.

$HTTP_SESSION_VARS

Despite of $_SESSION variable, $HTTP_SESSION_VARS variable is not by default auto global but hold same information as $_SESSION variable. register_globals directive is required to set in php.ini file to make this variable available throughout the script.

So the register_globals was the culprit ... anyway, it is good practice to use $_SESSION instead of $HTTP_SESSION_VARS

0
 
pda4meAuthor Commented:
Awesome help and one of the most complete answers I have ever had from an Expert.  Thanks for the help!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now