Sessions problem in PHP 5

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
sailorw
Forum Newbie
Posts: 4
Joined: Sat Feb 18, 2006 2:20 pm

Sessions problem in PHP 5

Post by sailorw »

I have a strange problem with sessions in PHP 5. I have a simple script that prints a random number both as a string and a picture on the screen. When I run the script for the first time, it works perfectly. However, when I refresh the page, new updated random number does not propagate to the image displayer script through sessions. The image displayer script continues showing the old number instead of the new random number. I checked the script on PHP 4.4.2 on Linux with Apache, and the script worked without any problems. However, when I tried it on my computer using PHP 5.1.2 on Windows with Apache 2, I got this problem. I used IE6 for browsing in both cases.

I did some debugging and saw that the problem is solved when I delete the ini_set('session.use_cookies',false); line. However, I need this line because I do not want to use cookies for this purpose.


These are the scripts:

The main script printing the numbers. When you run the script, the two numbers written as text and image must be the same. When you first run the script, they are the same. However, when you refresh the page, image still shows the old number when PHP 5 is used.

Code: Select all

<?php
 
ini_set('session.use_cookies',false); 
session_start();

$IMGVER_TS = (rand()%10);

$_SESSION["IMGVER_RT"] = $IMGVER_TS;

?>
	
<p align="center"> <?php echo $IMGVER_TS ?> <img src="deneimg.php?<?php echo SID ?>"> </p>



This is the script for showing the image. The name of the script file is deneimg.php

Code: Select all

<?php

session_start();


$IMGVER_IMAGE = imagecreate(50,20);
$IMGVER_COLOR_BLACK = imagecolorallocate ($IMGVER_IMAGE, 110,110, 110);
$IMGVER_COLOR_WHITE = imagecolorallocate ($IMGVER_IMAGE, 205, 205, 205);
imagefill($IMGVER_IMAGE, 0, 0, $IMGVER_COLOR_BLACK);

$IMGVER_RanText = $_SESSION["IMGVER_RT"];

imagechar($IMGVER_IMAGE, 3, 20, 0, $IMGVER_RanText ,$IMGVER_COLOR_WHITE);


header("Content-type: image/jpeg");
imagejpeg($IMGVER_IMAGE);
?>
Could you please check it?



I checked the temp directory for sessions. Session files are created properly, so it is not the source of the problem.

The session parameters of my server are as follows:

session.auto_start Off Off
session.bug_compat_42 Off Off
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 1000 1000
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.hash_bits_per_character 5 5
session.hash_function 0 0
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path c:\Temp c:\Temp
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid 0 0



PHP core parameters are as follows:

allow_call_time_pass_reference Off Off
allow_url_fopen On On
always_populate_raw_post_data Off Off
arg_separator.input & &
arg_separator.output & &
asp_tags Off Off
auto_append_file no value no value
auto_globals_jit On On
auto_prepend_file no value no value
browscap no value no value
default_charset no value no value
default_mimetype text/html text/html
define_syslog_variables Off Off
disable_classes no value no value
disable_functions no value no value
display_errors On On
display_startup_errors On On
doc_root no value no value
docref_ext no value no value
docref_root no value no value
enable_dl On On
error_append_string no value no value
error_log c:\php\error.txt c:\php\error.txt
error_prepend_string no value no value
error_reporting 2039 2039
expose_php On On
extension_dir c:\php\ c:\php\
file_uploads On On
highlight.bg #FFFFFF #FFFFFF
highlight.comment #FF8000 #FF8000
highlight.default #0000BB #0000BB
highlight.html #000000 #000000
highlight.keyword #007700 #007700
highlight.string #DD0000 #DD0000
html_errors On On
ignore_repeated_errors Off Off
ignore_repeated_source Off Off
ignore_user_abort Off Off
implicit_flush Off Off
include_path .;C:\php5\pear .;C:\php5\pear
log_errors On On
log_errors_max_len 1024 1024
magic_quotes_gpc On On
magic_quotes_runtime Off Off
magic_quotes_sybase Off Off
mail.force_extra_parameters no value no value
max_execution_time 30 30
max_input_time 60 60
open_basedir no value no value
output_buffering 4096 4096
output_handler no value no value
post_max_size 8M 8M
precision 14 14
realpath_cache_size 16K 16K
realpath_cache_ttl 120 120
register_argc_argv Off Off
register_globals Off Off
register_long_arrays Off Off
report_memleaks On On
report_zend_debug On On
safe_mode On On
safe_mode_exec_dir no value no value
safe_mode_gid Off Off
safe_mode_include_dir no value no value
sendmail_from no value no value
sendmail_path no value no value
serialize_precision 100 100
short_open_tag Off Off
SMTP localhost localhost
smtp_port 25 25
sql.safe_mode Off Off
track_errors Off Off
unserialize_callback_func no value no value
upload_max_filesize 2M 2M
upload_tmp_dir no value no value
user_dir no value no value
variables_order GPCS GPCS
xmlrpc_error_number 0 0
xmlrpc_errors Off Off
y2k_compliance On On
zend.ze1_compatibility_mode Off Off
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

turn on session.use_trans_sid
sailorw
Forum Newbie
Posts: 4
Joined: Sat Feb 18, 2006 2:20 pm

Post by sailorw »

I turned on session.use_trans_sid, but it did not solve the problem.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

it should have injected the session id along with info to find it into your link.. for instance: deneimg.php?0123456789abcdef0123456789abcdef&PHPSESSID=0123456789abcdef0123456789abcdef or similar should appear in your output html.

If possible, please post a link so we can take a look at it live.
Gambler
Forum Contributor
Posts: 246
Joined: Thu Dec 08, 2005 7:10 pm

Post by Gambler »

Are you sure it's not a browser cache problem?
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

That's my gut idea, but it's really easy to check with a forced refresh. I don't think it's the case, since PHP by default sends out a no-cache header when sessions are turned on.
sailorw
Forum Newbie
Posts: 4
Joined: Sat Feb 18, 2006 2:20 pm

Post by sailorw »

It is not a cache problem. I did refresh by pressing ctrl + f5 and it didn't solve the problem. Strange thing is that the same code is working on when server is PHP 4.4.2 on Linux with Apache, but not working when server is PHP 5.1.2 on Windows XP with Apache 2.0.55 connected to PHP via ISAPI.

Yes, session id is injected to the image displayer link. When I do refresh, a new session id is injected to the image displayer script, but the image displayer script is still showing the data of previous session.

I really would like to show an example, but my ISP has a firewall preventing all incoming connections.

Could anybody try the code on the latest version of PHP?
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Post by Christopher »

You need to make a couple of changes to get this code to work. The main changes are forcing the session ID to be passed and making sure that both scripts are not using cookies. The following works for me.

Code: Select all

<?php
 
ini_set('session.use_cookies',false);
session_start();

$IMGVER_TS = (rand()%10);

$_SESSION["IMGVER_RT"] = $IMGVER_TS;

?>
   
<p align="center"> <?php echo $IMGVER_TS ?> <img src="deneimg.php?<?php echo session_name() . '=' . session_id(); ?>"> </p>
And for the image:

Code: Select all

<?php
ini_set('session.use_cookies',false);
session_start();

$IMGVER_IMAGE = imagecreate(50,20);
$IMGVER_COLOR_BLACK = imagecolorallocate ($IMGVER_IMAGE, 110,110, 110);
$IMGVER_COLOR_WHITE = imagecolorallocate ($IMGVER_IMAGE, 205, 205, 205);
imagefill($IMGVER_IMAGE, 0, 0, $IMGVER_COLOR_BLACK);

$IMGVER_RanText = $_SESSION["IMGVER_RT"];

imagechar($IMGVER_IMAGE, 3, 20, 0, $IMGVER_RanText ,$IMGVER_COLOR_WHITE);


header("Content-type: image/jpeg");
imagejpeg($IMGVER_IMAGE);

?>
(#10850)
sailorw
Forum Newbie
Posts: 4
Joined: Sat Feb 18, 2006 2:20 pm

Post by sailorw »

Thank you very much! Putting ini_set('session.use_cookies',false); to image script solved the problem!.

Why should I put it to image script? Isn't putting it to only the main script enough? It is strange that the old code worked perfectly fine without that line in PHP 4, but didn't work in PHP 5.
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Post by Christopher »

sailorw wrote:Why should I put it to image script? Isn't putting it to only the main script enough? It is strange that the old code worked perfectly fine without that line in PHP 4, but didn't work in PHP 5.
Even though it is generating an image -- to PHP it is a two regular and separate requests, each with its own header. So the session handling must be identical.
(#10850)
User avatar
AKA Panama Jack
Forum Regular
Posts: 878
Joined: Mon Nov 14, 2005 4:21 pm

Post by AKA Panama Jack »

Ambush Commander wrote:That's my gut idea, but it's really easy to check with a forced refresh. I don't think it's the case, since PHP by default sends out a no-cache header when sessions are turned on.
Actually IE has a bug that ignores the no-cache header. So sometimes you have to do a Shift-Refresh to force it to load from the site instead of the cache.
Post Reply