Page 1 of 1

SESSION Variable Passing

Posted: Tue Sep 09, 2008 9:36 pm
by Turkey Boy
Okay... New to the board (wheeee) but I have a question right off the bat. Kind of why I joined...

I'm developing a php game, or trying anyways, and for my closed alpha and beta testing, I've got the game code set aside in a different directory. Not really all that fancy I guess, since as long as someone knows what directory to look in, they'll be able to join the testing, but I've had a problem crop up today. I haven't been working on the game for a while (real life got in the way - go figure), and in the time I wasn't working on it, I switched to a different server. Now the new server had different permissions set, etc, and so I had to tweak the code a little to get it to work again. The new server requires me to use the line import_request_variables("gP"); to fetch my session variables. Now, everything was working without it when I was on the old server, and that was fine. On the new server, almost everything works as long as I add on that one line of code. The main pages and pretty much everything else in other directories work fine with just the one line added. But for the game dev directory, it doesn't seem to work. It still registers the session variable I call as being undeclared (isset returns false). As such, none of the user-specific variables load, and all that jive. But even stranger, at random moments (it's happened twice on different sessions that I and my coding partner have tried), it will decide to actually read the session variable, but even when it does, it doesn't load the page properly. What it's supposed to do is load up a list of that user's characters (for the game), but instead it lists all the characters available. Either that or it loads only the previous user's characters (like the session variable is one step behind or something)... I've looked as thoroughly as I could through the code I've written (and a warning, I'm sometimes pretty messy with my code), but I can't figure out what's causing the problems. On the user login page, it sets the session variable, and then as soon as you go to the character selection/creation page, it's like it just disappears.

Help? Please? :(

Re: SESSION Variable Passing

Posted: Tue Sep 09, 2008 10:32 pm
by josh
view your cookies

javascript:alert(document.cookie);

[paste in url bar]

is the session ID cookie being set, did you remember to call session_start(), is a new session id being assigned between page loads?

Re: SESSION Variable Passing

Posted: Tue Sep 09, 2008 10:44 pm
by Turkey Boy
Well I call session_start() at the beginning of every file that needs it, so that's not the problem. I did as you suggested with the javascript alert. Once right after logging in, and once after trying to load the character selection page. It gave me a different session id both times. So unless I'm way off, that's the problem, but unfortunately it still doesn't tell me what's going wrong.

Re: SESSION Variable Passing

Posted: Wed Sep 10, 2008 12:20 am
by josh
Well that is the symptom of the problem. Are you calling session close or anything like that? are you changing domains / subdomains? ( even http://domain.com vs http://www.domain.com has given me cookie issues )

Re: SESSION Variable Passing

Posted: Wed Sep 10, 2008 7:57 am
by Turkey Boy
No domain changing, no. When I shift over, I go from http://www.domain.com to http://www.domain.com/dev but to make sure it wasn't something like that, I added a link to the admin control panel, and it still gives me the same problem.

And there is a session_destroy() call, but it's never reached because the code doesn't go into the if statement (because isset returns false for the session variable).

Oh, a minor point. The import_request_variables("gP"); line I use isn't for session variables. I wasn't the one who added it in, so I was a little confused when I posted earlier. It's actually for my forms, but it still doesn't really help to explain what's going on.

Re: SESSION Variable Passing

Posted: Wed Sep 10, 2008 8:37 am
by Turkey Boy
Quick update because the problem's almost kinda sorta solved.

For some reason, with that subdomain and only that subdomain, it was forcing a domain change (it loses the www)... We changed the cookie domains to be just .domain.com for both of the index pages. And by we, I mean my partner in crime. Because he knows far more about PHP than I do, lol... He just helps out when I get myself in a scrape usually.

It may not be perfect, but it's at least a temporary solution. The bulk of the problem is still out there somewhere... So if you have tips or ideas, do tell. :)

Re: SESSION Variable Passing

Posted: Wed Sep 10, 2008 9:32 am
by Dravos
The issue was that 2 cookies were being created as described. One was with the www. and one without, but this was due to the host deprecating the www. when entering the /dev/ folder for unknown reasons.

I didn't actually have the issue using Firefox on Linux, but I could still see 2 cookies.

The first attempt to fix was by using this prior to the session_start() call:

Code: Select all

ini_set('session.cookie_domain', '.domain.com');
And for me this seemed to reduce the 2 cookies to one, but others still had the issue.

This seemed to do the trick instead for everyone else:

Code: Select all

session_set_cookie_params  (0, '/', 'domain.com');
I'm now looking to replicate this in a php.ini file, since this is hosted on a linux box and should be read every page request as far as I know.

Thanks for the input :)