Session issue

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
t0ta11ed
Forum Newbie
Posts: 10
Joined: Sun Jul 02, 2006 8:19 am

Session issue

Post by t0ta11ed »

Greetings,

I'm working on an application that uses sessions to store user info. When the user logs in by entering a name and password, a login page authenticates the user and then sets a session variable to store the username. However, since I was redirecting to the main page via the header() function after authentication, I was using session_write_close() to make sure the variable would be available to the page I redirected to. This worked fine until recently when a co-worker changed the php.ini file. Now that variable throws an undefinied error. The variable that was set on the login page no longer makes it to the redirected main page. Here's the relevant code:

login.php

Code: Select all

// If theres a match send them to main.php
if ($pw == $row[0]) {
	
	session_register("user");
	$_SESSION['user'] = $user; 
	session_write_close();

	header("Location: main.php");
}
When main.php loads, it throws an error stating the SESSION variable is undefined.

This all worked before the ini file was mucked with, so I'd really like some ideas on what is missing or whatever since I'm out of ideas. My only alternative is to rewrite the app to use cookies instead, which I really don't want to do since it was nearly ready for production in the first place.

Here's the Session info. I've also made sure the directory is writeable as well:

Session Support enabled
Registered save handlers files user

Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path /var/lib/php/session /var/lib/php/session
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path /tmp /tmp
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid Off Off
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

session_start() is called on all pages?

Tips: Don't use session_register(). Don't use relative paths for header redirections, use the full URL. http://.. and all.
t0ta11ed
Forum Newbie
Posts: 10
Joined: Sun Jul 02, 2006 8:19 am

Post by t0ta11ed »

feyd wrote:session_start() is called on all pages?

Tips: Don't use session_register(). Don't use relative paths for header redirections, use the full URL. http://.. and all.
Yes, session_start() is called on both pages. Thanks for the tips.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

You may need to insert the session id into your redirect. It's not pretty, but it is the easiest way to force the ID to transfer, since I don't know what your colleague changed in the ini.

Code: Select all

header('Location: http://somesuch.com/page.php?' . rawurlencode(session_name()) . '=' . rawurlencode(session_id()));
or similar.
t0ta11ed
Forum Newbie
Posts: 10
Joined: Sun Jul 02, 2006 8:19 am

Post by t0ta11ed »

Ok, I discovered there was a non-standard ini file generated by what appeared to be a third party app. I replaced it with the standard php.ini distribution and now the login produces a completely blank page. I fixed this once but now how I did it escapes me....anyone? Buller? buller?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Ahem, Bueller. ;)

There is likely an error of some fashion that's causing the script to halt and display errors is off. If you have access to the server logs, take a look in there for php errors. If that isn't fruitful, run the following in a new file and tell us the results please.

Code: Select all

<?php

$neg = array('off', 0, false, '', null);
$flags = array(
	'Register Globals' => 'register_globals',
	'Short Tags' => 'short_open_tag',
	'Display Errors' => 'display_errors',
	'Magic Quotes GPC' => 'magic_quotes_gpc',
	'Magic Quotes Runtime' => 'magic_quotes_runtime',
	'Magic Quotes Sybase' => 'magic_quotes_sybase',
);
$ve = phpversion();
$os = PHP_OS;
$er = intval(error_reporting());
foreach ($flags as $n => $v)
{
	$flags[$n] = (in_array(strtolower(ini_get($v)), $neg) ? 'Off' : 'On');
}
$cli = (php_sapi_name() == 'cli');
$eol = "\n";

$gle = get_loaded_extensions();
$rows = array();
$le = '';
$wide = 4;
$j = count($gle);
$pad = $wide - $j % $wide;
$len = max(array_map('strlen', $gle));
$func = create_function('$a', 'return str_pad($a, ' . intval($len) . ');');
$gle = array_map($func, $gle);
for($i = 0; $i < $j; $i += $wide)
{
	$le .= '   ' . implode('   ', array_slice($gle, $i, $wide)) . $eol;
}

$ec = array(
	'E_STRICT' => 2048, 'E_ALL' => 2047, 'E_USER_NOTICE' => 1024,
	'E_USER_WARNING' => 512, 'E_USER_ERROR' => 256, 'E_COMPILE_WARNING' => 128,
	'E_COMPILE_ERROR' => 64, 'E_CORE_WARNING' => 32, 'E_CORE_ERROR' => 16,
	'E_NOTICE' => 8, 'E_PARSE' => 4, 'E_WARNING' => 2, 'E_ERROR' => 1,
);

$e = array();
$t = $er;
foreach ($ec as $n => $v)
{
	if (($t & $v) == $v)
	{
		$e[] = $n;
		$t ^= $v;
	}
}
if (ceil(count($ec) / 2) + 1 < count($e))
{
	$e2 = array();
	foreach ($ec as $n => $v)
	{
		if (!in_array($n, $e) and $n != 'E_ALL')
		{
			$e2[] = $n;
		}
	}
	$er = $er . ' ((E_ALL | E_STRICT) ^ ' . implode(' ^ ', $e2) . '))';
}
else
{
	$er = $er . ' (' . implode(' | ', $e) . ')';
}

if (!$cli)
{
	echo '<html><head><title>quick info</title></head><body><pre>', $eol;
}

echo 'PHP Version: ', $ve, $eol;
echo 'PHP OS: ', $os, $eol;
echo 'Error Reporting: ', $er, $eol;
foreach ($flags as $n => $v)
{
	echo $n, ': ', $v, $eol;
}
echo 'Loaded Extensions:', $eol, $le, $eol;

if (!$cli)
{
	echo '</pre></body></html>', $eol;
}

?>
Post Reply