?
Solved

php sessions not being read so setting a new one when not needed.

Posted on 2011-04-19
15
Medium Priority
?
333 Views
Last Modified: 2012-05-11
I have a page that is setting up session variables does various things and then posts back a form. The problem being that after the post back it sets up a new session for some reason and then my session information is being lost.
I am running php 5.3.5 and apache 2.2.8.
This is from the ini file,
session.use_cookies = 1
session.use_only_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
The session files are being written and have the correct information in them for what has been set to the session variables for each run through but there is no carry over.
I checked the session_id() and it is different.
0
Comment
Question by:haloexpertsexchange
  • 7
  • 7
15 Comments
 
LVL 13

Expert Comment

by:AielloJ
ID: 35430636
haloexpertsexchange:

Are you remembering to include the session_start() function at the top of your pages?  It must be the first line in the script file.

0
 
LVL 3

Expert Comment

by:fabzster187
ID: 35430661
please post an example of the code

From your question above, i think whats happening is the following

page 1:

$_SESSION['test'] = $_POST['test'];

then u go to a page2 then return to the page1? if this is the cases then nothing is being posted again so it will set the variable to nothing
0
 
LVL 13

Author Comment

by:haloexpertsexchange
ID: 35432798
session_start() is on the page, it reposts back to itself, and things do get set, its just that for some reason once I come back after the submit, it starts a new session.
$decrypt is a variable used later on in the code, the $_GET comes from a different page entirely with a value that I need, so I get it the first time I come to the page, then set it into a session variable, then from then on I check to see if there is any get value, if not I look for the session variable, the problem being that for some reason it does not pick up the session that was set before and I end up with no session variable by that name and my variable comes up with no value.
This is all on one server so there is no problems with that.
I don't unset anything on the entire page besides some com objects so I am not accidentally unsetting my session variables
if(!empty($_GET["userId"]))
{
$decrypt = $_GET['userId'];
$_SESSION['username']=$decrypt;
}
else
{
$decrypt=$_SESSION['username'];

}

Open in new window

0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 13

Author Comment

by:haloexpertsexchange
ID: 35435225
As an update cookie setting works so that is not the problem.

For some reason it seems like the PHPSESSID cookie is being reset every time I call session_start().
If I manage to somehow save the original session_id I can then force the session_id to whatever the first session_id was and then the sessions work and I can access my stored session data.

Any one have any idea what could be triggering the PHPSESSID cookie overwrite after every session_start() call?
0
 
LVL 13

Expert Comment

by:AielloJ
ID: 35435498
haloexpertsexchange:

I had some issues awhile back with a hsosting setup where I had to explicitly register each session variable, and wrote this function for convenience.

/**********************************************************************
' Set the value of the session variable passed.
'
' function
' setSessionVariable
' (
'   $SessionVariableName
'   $SessionVariableValue
' )
'*********************************************************************/

function
setSessionVariable($SessionVariableName, $SessionVariableValue)
{

  global $HTTP_SESSION_VARS;
 
/**********************************************************************
'
' If the session variable not registered, then register it prior to
' setting its value.
'
'*********************************************************************/

  if (session_is_registered($SessionVariableName))
  {
    session_register($SessionVariableName);
  }

  $HTTP_SESSION_VARS[$SessionVariableName] = $SessionVariableValue;
}

Your host probably uses the newer $_SESSION global in place of the older $HTTP_SESSION_VARS, or maybe it doesn't.

AielloJ
0
 
LVL 13

Author Comment

by:haloexpertsexchange
ID: 35435668
AielloJ:
I have more or less complete control over the server settings and the php settings so I should be able to change any sort of settings which would control this. Any idea what exactly I should check into to see if my problem is like yours?
0
 
LVL 13

Expert Comment

by:AielloJ
ID: 35436331
haloexpertsexchange:

Try the code I provided or similar in-line code to see if it resolves the issue.  I had similar issues with PHP and session variables.  That's why I wrote that function long ago and use it still today - it works for me.  Like you, I was having a very similar issue and after some digging that function resolved it.

I don't have control of the PHP settings as my sites are hosted with an Internet company.  I don't know what settings may be involved if it is related to the settings.

AielloJ
0
 
LVL 13

Author Comment

by:haloexpertsexchange
ID: 35436506
AielloJ:
I added this to my code
function
setSessionVariable($SessionVariableName, $SessionVariableValue)
{

  global $_SESSION;
 
/**********************************************************************
'
' If the session variable not registered, then register it prior to
' setting its value.
'
'*********************************************************************/

  if (session_is_registered($SessionVariableName))
  {
    session_register($SessionVariableName);
  }

  $_SESSION[$SessionVariableName] = $SessionVariableValue;
}

Open in new window

After that I tried setting my session value like this,
if(!empty($_GET["userId"]))
{
$decrypt =$_GET["userId"];
setSessionVariable('username', $decrypt);
echo session_id();
}
else
{
$decrypt=$_SESSION["username"];
}

Open in new window

Unfortunately this does not seem to do anything different and I still end up with lost session information after the post back to the page, same as before.
0
 
LVL 13

Expert Comment

by:AielloJ
ID: 35436975
haloexpertsexchange:

Let's go back to some basics 'cause somethings not right.

1) Are you certain the PHP interpreter is running?
2) Have you run php_info() and looked at the output it produces?
3) Is your interpreter using the $_SESSION variables or the older $HTTP_SESSION_VARS syntax?
4) Is the session_start() function at the top of EVERY page?
5) What is the register_globals set to in your php.ini file?
6) Is there a $GLOBALS[] supglobal array defined.  Did you use print_r() or other function that displays the contents of associative arrays to list its contents?
0
 
LVL 13

Expert Comment

by:AielloJ
ID: 35436980
Are you running this on a Windows platform?  I've seen cases where the php.ini file had to be in the php instalation directory as well as the Windows directory.
0
 
LVL 13

Author Comment

by:haloexpertsexchange
ID: 35440746
AielloJ:
1) that would be a yes, everything else is working besides the session variable issue.
2)This is what php info shows about sessions  session information from php_info3)it uses $_SESSION, $HTTP_SESSION_VARS is a deprecated function and I am running 5.3.5
4)My current problem only is ever on one page which posts back information to itself and then somehow loses the session, but yes session_start is a the top of the page.
5)register_globals is off as is the default value for 5.3.5
6)I have not done anything with a $GLOBALS[] array. I have used print_r on my sessions which is why I knew that my session was getting lost and that it was not just a matter of me some how setting the session to a blank value.

I am running on a windows server off of apache. It says that the loaded ini file is the one in the php directory but it wouldn't hurt for me to put an ini file in the Windows directory as well.
0
 
LVL 13

Expert Comment

by:AielloJ
ID: 35446048
haloexpertsexchange:

I've had to put my php.ini file in both.  I don't remember the problem I was having, but I definitely had to put it in both folders.  Maybe you could send me a very stripped down copy of the page for me to test.
0
 
LVL 13

Accepted Solution

by:
haloexpertsexchange earned 0 total points
ID: 35459773
AielloJ:
so apparently part of my problem was that I had for some reason changed the session.cookie_path = / to session.cookie_path = \.
I actually ended up comparing the ini files from another server, saw the difference, changed it back to the session.cookie_path = / and now everything is working.
I guess the moral of this story is, don't touch anything in the ini file that you don't have to, the default value is usually the best unless you have a specific reason for changing it.
So that apparently was my problem and changing that back fixed my problems, unless the server somehow managed to miraculously fix itself.
0
 
LVL 13

Expert Comment

by:AielloJ
ID: 35465611
haloexpertsexchange:

That would be it.  Apache always uses Unix path conventions, even when runnng on Windows platforms.

AielloJ
0
 
LVL 13

Author Closing Comment

by:haloexpertsexchange
ID: 35499770
I figured out my problem by comparing the ini file from a working php installation on apache with the ini file from the one that I was having problems with and figured out my problem that way.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses
Course of the Month14 days, 21 hours left to enroll

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question