Page 1 of 1
Session vars not lasting beyond a page
Posted: Sun Feb 25, 2007 2:50 pm
by mjseaden
Hi,
This issue may be related to my previous issue, regarding PHP creating a new session for a PHP script called via an IMG tag.
I have an admin script, called 'admin' (no PHP extension, Apache is configured to execute admin as a PHP script). When you first go to the page, the user is presented with a login page.
The login page has a 'session_start()' at the beginning. Looking at my cookies directory, when this page loads, PHP writes a cookie to my C:\Temp directory with a unique ID.
The script calls 'admin' again, which this time detects the $_POST variables sent by the login page, and accordingly writes a session variable indicating the user is logged on, with the intention of using this as a login test later on (the usual method, in other words).
However, expecting the session to be preserved between calls to the 'admin' script, PHP instead writes a new session. It correctly writes to this session, but as soon as you go off the page - for example by calling 'admin' directly again via the browser - it loses it, because it writes a whole new session again!
Why am I losing sessions between page loads - why aren't they being preserved across page calls, as you would expect? Config issue?
Many thanks
Posted: Sun Feb 25, 2007 2:59 pm
by Ambush Commander
PHP does not write "cookies" to your session directory. I would hazard maybe Windows is garbage-cleaning your sessions directory too aggressively: try putting it somewhere else. You may also want to post some code.
Posted: Sun Feb 25, 2007 3:01 pm
by mjseaden
My PHP session session.save_path is equal to C:\Temp, however my session.cookie_path is curiously just equal '\' - could this be something to do with it? What does it mean '\'?
Posted: Sun Feb 25, 2007 3:04 pm
by mjseaden
Hi Ambush Commander,
I can see the sessions being written to my directory, which I've now moved to C:\Apache\Session, and windows isn't deleting session files between pages - it's writing different session files indicating different session ids being chosen.
Posted: Sun Feb 25, 2007 3:08 pm
by Ambush Commander
It's irrelevant for our purposes, but session.cookie_path determines for what paths is the default session cookie valid for. For example, if you were to set it to /foobar, the session cookie would only get set by the browser when you were in files in the
http://localhost/foobar directory, and not say a
http://localhost/baz directory.
Okay, next question: is your browser accepting cookies? Try var_dump($_COOKIE); on admin, you should get a value that looks like PHPSESSID => 39842y343ja9w8ryaw38 which should be staying constant.
Posted: Sun Feb 25, 2007 4:04 pm
by mjseaden
Hi ambush commander
No, i seem to be getting 'array(0) {}' rather than any cookie id.
I'll check my browser settings.
Posted: Sun Feb 25, 2007 4:06 pm
by mjseaden
...my browser is set to accept cookies, so it doesn't look like it's a browser settings issue.
Posted: Sun Feb 25, 2007 4:16 pm
by volka
please try
Code: Select all
<?php
error_reporting(E_ALL);
ini_set('display_errors', true);
session_start();
if ( !isset($_SESSION['xyz']) || !is_array($_SESSION['xyz']) ) {
$_SESSION['xyz'] = array();
}
$_SESSION['xyz'][] = date('H:i:s');
?>
<html>
<head><title>session test</title></head>
<body>
<a href="<?php echo $_SERVER['PHP_SELF']; ?>">re-load page</a><br />
self: <?php echo $_SERVER['PHP_SELF']; ?><br />
session_name: <?php echo session_name(); ?><br />
session_id: <?php echo session_id(); ?><br />
<pre>coookie_params: <?php var_export(session_get_cookie_params()); ?></pre>
<pre>cookies: <?php var_export($_COOKIE); ?></pre>
<pre>session: <?php var_export($_SESSION); ?></pre>
</body>
</html>
when you press the link and reload the page session_name and session_id shouldn't change but a new line should be appended to session: each time. Does this work? If not, please post the output.
Posted: Sun Feb 25, 2007 4:31 pm
by mjseaden
Could this be something to do with the fact that I'm using a local server and localhost?
Posted: Sun Feb 25, 2007 4:35 pm
by mjseaden
Hi, many thanks for your test script. Here's the output:
Code: Select all
re-load page
self: /cookies.php
session_name: PHPSESSID
session_id: q2nfro1b4851mp92h1m1kghj31
coookie_params: array (
'lifetime' => 0,
'path' => '\\',
'domain' => '',
'secure' => false,
)
cookies: array (
)
session: array (
'xyz' =>
array (
0 => '22:35:26',
),
)
And then
Code: Select all
re-load page
self: /cookies.php
session_name: PHPSESSID
session_id: d5jeq24ut5tbedclk62aqgp582
coookie_params: array (
'lifetime' => 0,
'path' => '\\',
'domain' => '',
'secure' => false,
)
cookies: array (
)
session: array (
'xyz' =>
array (
0 => '22:35:49',
),
)
There's no preservation of the session id, and there's no appending of the array - it all gets reset. At least that's established, but I don't know if this is a configuration issue or not?
Posted: Sun Feb 25, 2007 4:36 pm
by volka
Mechanism is the same.
Posted: Sun Feb 25, 2007 4:40 pm
by volka
mjseaden wrote:coookie_params: array (
'lifetime' => 0,
'path' => '\\',
'domain' => '',
'secure' => false,
)
cookies: array (
)
empty array _COOKIE means your browser did not accept the cookie.
'path' => '\\' ? Did you play with session.cookie_path? Please remove that line from your php.in then restart the webserver.
Posted: Sun Feb 25, 2007 4:47 pm
by mjseaden
Hi. I've removed the cookie_path line from my PHP.ini, and restarted Apache, and now the output is:
Code: Select all
re-load page
self: /cookies.php
session_name: PHPSESSID
session_id: vpbsjbfelrq9rev2r1q5vr0bd4
coookie_params: array (
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => false,
)
cookies: array (
'PHPSESSID' => 'vpbsjbfelrq9rev2r1q5vr0bd4',
)
session: array (
'admin_valid_user' => '3dfec677ecf45d4c3da3df311b98ea95',
'xyz' =>
array (
0 => '22:45:38',
),
)
And then:
Code: Select all
re-load page
self: /cookies.php
session_name: PHPSESSID
session_id: vpbsjbfelrq9rev2r1q5vr0bd4
coookie_params: array (
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => false,
)
cookies: array (
'PHPSESSID' => 'vpbsjbfelrq9rev2r1q5vr0bd4',
)
session: array (
'admin_valid_user' => '3dfec677ecf45d4c3da3df311b98ea95',
'xyz' =>
array (
0 => '22:45:38',
1 => '22:47:31',
),
)
So it now seems to be working. I honestly don't remember changing the cookie path in my PHP ini file - I doubt very much it's the default though.
Thanks for helping out, that probably solves my other issue too I hope.
Cheers