Search the Community

Hi all ! I have an index file which begins as <?php error_reporting(E_ALL); define('INCLUDE_CHECK',true); require_once 'fran_load.php'; session_start(); // works fine with session_start() //sess_start(); // was working fine earlier but is now problematic header("Content-Security-Policy-Report-Only: default-src 'self' img-src 'self' data: https://www.google.com/ https://ajax.googleapis.com/ https://www.gstatic.com/ http://localhost/xampp/franchisee/; report-uri http://localhost/xampp/franchisee/reports/reportcspviolation.php"); // mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); $mysqliDriver = new mysqli_driver(); $mysqliDriver->report_mode = MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT; $timezone = "Asia/Calcutta"; if(function_exists('date_default_timezone_set')) date_default_timezone_set($timezone); // set_exception_handler('exception_handler'); . . . and an email activation request page.verifymail.php which begins as <?php error_reporting(E_ALL); session_start(); header("Content-Security-Policy-Report-Only content=default-src 'self' https://www.google.com/recaptcha/ https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/"); define('INCLUDE_CHECK',true); require_once 'fran_load.php'; /* echo "<pre>"; echo $_SESSION['user_token']; echo "</pre>"; exit(); */ $message = ''; $terminate = false; . . . sess_start() is function sess_start() { $session_name = 'sec_session_id'; // Set a custom session name $secure = false; // Set to true if using https. $httponly = true; // This stops javascript being able to access the session id. ini_set('session.use_only_cookies', 1); // Forces sessions to only use cookies. $cookieParams = session_get_cookie_params(); // Gets current cookies params. session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly); // 0, /, ''. session_name($session_name); // Sets the session name to the one set above. session_start(); // Start the php session } Earlier all seemed to work well, but suddenly there is an issue. On submitting the form with action = "verifymail.php" which sends from the index.php to verifymail.php, i find that the $_SESSION variable is blank, thereby not maintaining the session on that page. I am setting some session variables in the form before it is submitted. I commented out sess_start() on index.php and simply used session_start() and all seems to work fine. I would like to use sess_start, since I am setting the cookie timeout and other values therein, if I can. Please can someone suggest why this is happening and how it can be overcome to use sess_start(). Thanks all.

I had built my website in php, earlier on Windows platform and amply used session_start function. Later I shifted to Linux hosting and realized that each session_start is displaying a warning that headers already sent etc. Now I searched google and came to know that this problem comes when BOM or any other char has been sent prior to session_start. But BOM is inevitable in my case as it is a multilingual website. Now i came to know that changing php5.ini and setting some option may help avoid the problem but since this is a shared hosting, i had to search for how to set my own php.ini, i found too, but unfortunately php.ini options are also not taking effect (this is checked by using phpinfo function). Can somebody please help rescue the situation? Thanks for reading this.