Page 1 of 1

[SOLVED] Session being lost

Posted: Tue Apr 03, 2007 9:33 am
by thewebtrack
feyd | Thread split from here

Hi,

I've been having the same exact problem and was unable to reslove it. (I've been busting my brain with this for more than a week... googling and everything... :( )
I'm using PHP 5.2 on Apache 2.2.3 (Win32) on a local server.

Here's my output for the given code snippet:

Code: Select all

re-load page
self: /Tracking/tests/smallTest.php
session_name: PHPSESSID
session_id: 092acbb63d19bd12f65f0272740a9813

coookie_params: array (
  'lifetime' => 0,
  'path' => '/Tracking/',
  'domain' => '127.0.0.1',
  'secure' => false,
  'httponly' => false,
)
cookies: array (
)
session: array (
  'xyz' => 
  array (
    0 => '17:24:39',
  ),
)
After a reload...

Code: Select all

re-load page
self: /Tracking/tests/smallTest.php
session_name: PHPSESSID
session_id: 7590770554fea239caea7d4d7adddce5

coookie_params: array (
  'lifetime' => 0,
  'path' => '/Tracking/',
  'domain' => '127.0.0.1',
  'secure' => false,
  'httponly' => false,
)
cookies: array (
)
session: array (
  'xyz' => 
  array (
    0 => '17:24:57',
  ),
)
I tried to play around with cookie_path (setting it to "/" and "\\"). In addition, I tried to play around with the cookie_domain (using an empty value, "localhost" or "127.0.0.1") but with no results.

Any help would be greatly appriciated!

Thanks,

Shahar.

Posted: Tue Apr 03, 2007 10:34 am
by RobertGonzalez
Is the folder writable by the server? Is your browser accepting cookies?

Posted: Tue Apr 03, 2007 11:19 am
by thewebtrack
Thanks for responding Everah.

I switched the privacy settings of my IE to 'Accept all cookies' but that didn't do.
The cookies are being written. I see them being created in the directory specified in session.save_path - if that's what you mean.

Shahar.

Posted: Tue Apr 03, 2007 12:21 pm
by RobertGonzalez
I meant by the browser. If the cookies is accepted by the browser then it should be readable.

I had posted these two test files a few days ago for another session issue someone else was having. Not sure if they will help you, but maybe you can run them and see what comes of it...

Name this file session-test-page1.php:

Code: Select all

<?php
//Session start
session_start();

//Set session vars
if (!isset($_SESSION['username']) && !isset($_SESSION['password']))
{
    $_SESSION['username'] = 'testusername';
    $_SESSION['password'] = 'testpassword';
	
	header('Location: session-test-page2.php');
	exit;
}
else
{
    // Quick error checking
	echo '<pre>'; var_dump($_SESSION); echo '</pre>';
	echo '<p>You user name is already set to ' . $_SESSION['username'] . '</p>';
    echo '<p>And your password is already set to ' . $_SESSION['password'] . '</p>';
}

if (isset($_GET['clear']))
{
	// Unset all of the session variables.
	$_SESSION = array();

	// If it's desired to kill the session, also delete the session cookie.
	// Note: This will destroy the session, and not just the session data!
	if (isset($_COOKIE[session_name()])) {
	    setcookie(session_name(), '', time()-42000, '/');
	}

	// Finally, destroy the session.
	session_destroy();
	
	echo '<p>Even though you see the information above, the session has already been terminated. 
	<a href="' . basename($_SERVER['SCRIPT_FILENAME']) . '">Refresh the page</a> and you will see nothing as the page sets the session vars again.</p>';
}

echo '<p><a href="session-test-page2.php">Click here for page 2</a></p>';
echo '<p><a href="?clear=true">Click here to clear the session data</a></p>';
?>
Name this one session-test-page2.php:

Code: Select all

<?php
//Session start
session_start();

// Quick error checking
echo '<pre>'; var_dump($_SESSION); echo '</pre>';

// Echo session vars
echo '<p>You user name is ' . $_SESSION['username'] . '</p>';
echo '<p>And your password is ' . $_SESSION['password'] . '</p>';

echo '<a href="session-test-page1.php">Click here to go back to page 1</a>';
?>
Save them to your local server (or whatever server you are developing on) and call the first page - http://localhost/session-test-page1.php. It should redirect to session-test-page2.php automatically after it sets the session vars. Then follow the links that it gives you. Post back each screen so we can see what is happening.

Posted: Tue Apr 03, 2007 3:20 pm
by thewebtrack
Ok, here are the outputs...

The first time I load session-test-page1.php, I get:

Code: Select all

array(0) {
}

You user name is 

And your password is 

Click here to go back to page 1
When I click the link to get back to page 1 I get:

Code: Select all

array(2) {
  ["username"]=>
  string(12) "testusername"
  ["password"]=>
  string(12) "testpassword"
}

You user name is testusername

And your password is testpassword

Click here to go back to page 1
And the 2nd time I click on the link back to page 1 I get:

Code: Select all

array(2) {
  ["username"]=>
  string(12) "testusername"
  ["password"]=>
  string(12) "testpassword"
}

You user name is already set to testusername

And your password is already set to testpassword

Click here for page 2

Click here to clear the session data
What do you make of that?
(It seems strange that on the 1st redirect the session variables are not saved)

Posted: Tue Apr 03, 2007 3:23 pm
by RobertGonzalez
That is really odd. Clear your browser cache and cookies. All of them. Offline content as well. Then run it again and post back the results again.

Posted: Tue Apr 03, 2007 4:05 pm
by thewebtrack
:(
Cleared cookies + cache + all offline content... Same exact results.

I'm pretty much lost.
I have a hunch that the cookie file is not written and closed by the time the server processes the 2nd page and sends the reply. (this is all done locally with hardly any load on the server)
I'll try to add a delay before the session_start of the 2nd page and let you know of the results.

In any case, I'm still open for ideas.

Posted: Tue Apr 03, 2007 4:28 pm
by feyd
Mistakenly posted in the old thread:
thewebtrack wrote:I've added a 29 seconds sleep just before the session_start of the 2nd page and I observed the folder in which the cookies are created.

When I load the 1st page I see that a cookie is created with all the session data that I expect to find.
The strange thing is that 29 seconds later another cookie file is created (with another session ID) and that file is empty.

When I click the link to go back to the 1t page, the 2nd cookie file fills up with the session data.

Perhaps the immidiate redirect (from the 1st page) does not let the first session ID to be saved (or something like that) - although the 'exit' call should have done the saving.

I'll try to do a manual (using a link) redirect to page 2 and see if a new session ID is created.

... and I'm still open for ideas. :wink:

Posted: Tue Apr 03, 2007 5:08 pm
by RobertGonzalez
Maybe you can post the session section of your php.ini to see if there is something not right with it.

Posted: Wed Apr 04, 2007 12:22 am
by thewebtrack
Here is the session configuration:

Code: Select all

Session Support  enabled  
Registered save handlers  files user  
Registered serializer handlers  php php_binary wddx  

Directive Local Value Master Value 
session.auto_start Off Off 
session.bug_compat_42 On On 
session.bug_compat_warn On On 
session.cache_expire 180 180 
session.cache_limiter nocache nocache 
session.cookie_domain 127.0.0.1 127.0.0.1 
session.cookie_httponly Off Off 
session.cookie_lifetime 0 0 
session.cookie_path /Tracking/ /Tracking/ 
session.cookie_secure Off Off 
session.entropy_file no value no value 
session.entropy_length 0 0 
session.gc_divisor 100 100 
session.gc_maxlifetime 1440 1440 
session.gc_probability 1 1 
session.hash_bits_per_character 4 4 
session.hash_function 0 0 
session.name PHPSESSID PHPSESSID 
session.referer_check no value no value 
session.save_handler files files 
session.save_path C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/cookies C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/cookies 
session.serialize_handler php php 
session.use_cookies On On 
session.use_only_cookies Off Off 
session.use_trans_sid 0 0
[/syntax]

Posted: Wed Apr 04, 2007 7:55 am
by feyd
Is C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/cookies writable by the user Apache runs as?

Posted: Wed Apr 04, 2007 12:44 pm
by thewebtrack
I see that that cookies are being created there when ever I refresh pages - is that a sufficient indication or should I check anything else?

Posted: Wed Apr 04, 2007 1:51 pm
by feyd
That should be enough. So that would mean, most likely, that your computer (or something between) is denying the cookies in some fashion

Problem solved.

Posted: Thu Apr 05, 2007 1:09 pm
by thewebtrack
The problem was ZoneAlarm - this should have been the 1st thing that I should have checked. :oops:
Apparently, ZA has a bug that blocks cookies from localhost even if you've configured it to allow localhost cookies. (Not that I have anything against ZA ... I'm using ver 6.5 and it saved my laptop more than once).

feyd & Everah, thanks for your help and sorry if I wasted you precious time.

Posted: Thu Apr 05, 2007 1:41 pm
by RobertGonzalez
Glad you got it fixed. Please remember to edit the original post and add [SOLVED] to the title.