[SOLVED] Sessions work differently on my web host server than on my localhost?????

[poleposters]

Hi,

 

I've been working on a site for months and finally put it  online with my webhost and the sessions are behaving strangely.

 

On my localhost, the user logs in, is redirected to the members section and can click on a link to perform an account action. This works fine.

 

On the webhost however, The user logs in is redirected to the the member section.(the session is active at this point) But if a link is followed from the member section the session vanishes!

 

This is the code im using to create my sessions.

$_SESSION['first_name'] = $row[1];
$_SESSION['business_id'] = $row[0];

 

Is there something I need to change in my server settings? Or is there another way to create a session.

[BobcatM]

Not sure if this helps, but I register sessions this way:

 

session_register("myusername");
session_register("mypassword"); 

[PFMaBiSmAd]

Please don't use session_register(). That function was depreciated and disabled by default in php4.2 in the year 2002 and has been completely eliminated in php6.

 

poleposters, the code you posted sets two session variables. A session_start() statement is what creates/resumes a session. We would need to see your code for the page that starts and sets the session variables and the code that resumes and references the session variables to be able to help you.

[poleposters]

Ok. The scripts are bit long so I've cut out parts that aren't required.The session_start() is included in the header.html

 

The first is my login script.

 

<?php 
require_once ('config.inc.php'); 

$page_title = 'Login';
include ('header.html');

if (isset($_POST['submitted'])) { // Check if the form has been submitted.
require_once ('mysql_connect.php'); // Connect to the database.

// Validate the email address.	
if (!empty($_POST['email'])) {
	$e = escape_data($_POST['email']);
} else {
	echo '<p><font color="red" size="+1">You forgot to enter your email address!</font></p>';
	$e = FALSE;
}

// Validate the password.
if (!empty($_POST['pass'])) {
	$p = escape_data($_POST['pass']);
} else {
	$p = FALSE;
	echo '<p><font color="red" size="+1">You forgot to enter your password!</font></p>';
}

if ($e && $p) { // If everything's OK.

	// Query the database.
	$query = "SELECT business_id, first_name FROM users WHERE (email='$e' AND pass=SHA('$p')) AND active IS NULL";		
	$result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());

	if (@mysql_num_rows($result) == 1) { // A match was made.

		// Register the values & redirect.
		$row = mysql_fetch_array ($result, MYSQL_NUM); 
		mysql_free_result($result);
		mysql_close(); // Close the database connection.
		$_SESSION['first_name'] = $row[1];
		$_SESSION['business_id'] = $row[0];

		// Start defining the URL.
		$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
		// Check for a trailing slash.
		if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
			$url = substr ($url, 0, -1); // Chop off the slash.
		}
		// Add the page.
		$url .= '/add_coupon2.php';

		ob_end_clean(); // Delete the buffer.
		header("Location: $url");
		exit(); // Quit the script.

	} else { // No match was made.
		echo '<p><font color="red" size="+1">Either the email address and password entered do not match those on file or you have not yet activated your account.</font></p>'; 
	}

} else { // If everything wasn't OK.
	echo '<p><font color="red" size="+1">Please try again.</font></p>';		
}

mysql_close(); // Close the database connection.

} // End of SUBMIT conditional.
?>

LOGIN FORM

 

Then the login form then redirects to the members area. "loggedin.php"

 

<?php
include ('header.html');

include "mysql_connect.php";
require_once ('config.inc.php'); 
include "admin/var.php";
/

<?php
if (isset($_SESSION['first_name'])){
print "<a href='logout.php' >Logout</a>";}
?>
</div>
</div>

<div id='controlpanel'>
<div id="welcome">

// Welcome the user (by name if they are logged in).
echo '<h1>Welcome';
if (isset($_SESSION['first_name'])) {
echo ", {$_SESSION['first_name']}!";
}
echo '</h1>';
?>
<p>Manage your coupons, profile and account settings.</p>

</div>

<div id="console">
<?php
if (isset($_SESSION['first_name'])){
print "user setting links"

?>

 

The if the user clicks on one of the user settinig links they are directed to another page. For instance this one.

 

<?php
include ('header.html');

include "mysql_connect.php";
require_once ('config.inc.php'); 
include "admin/var.php";

<div id='listings'>
<div id="editcoupon">
<?php
if(!isset($_SESSION['first_name'])){
print "You must be logged in to add a coupon";}	


else{print page}

 

The session is started on every page and referenced on each in order to provide access to the page.

 

The strange thing is that on my webhost.The user logs in . Is successfully redirected. Has access to the members page. But if they travel to another link within the members section the session vanishes.

 

Also please note that this works perfectly on my localhost.

 

 

 

 

 

 

   

[PFMaBiSmAd]

If changing pages after the session works results in them not working, it is either due to a header problem or the session.cookie_path or session.cookie_domain not being set to match the different page.

 

Add the following two lines to both the member's page and the page they navigate to in the members section -

 

ini_set ("display_errors", "1");
error_reporting(E_ALL);

 

That will tell you if there are any header/content related errors.

 

Check the settings on both systems for session.cookie_path or session.cookie_domain. The cookie_path matters if you are changing paths in the links -

 

yourdomain.com/path1/yourfile.com ... yourdomain.com/path2/someotherfile.com

 

The cookie_domain matters if you are changing hostname in the links -

 

yourdomain.com/yourfile.com ... www.yourdomain.com/someotherfile.com

 

 

 

[poleposters]

Thank you. I worked out what was wrong although I'm not sure exactly how it works.

 

A buffer was started in the header include. But I had neglected to flush it at the end of the scripts.

 

I've read the buffer topic in the PHP Manual but I am not sure if I understand it completely.

 

Can someone please explain its function to me and specifically how it relates to my scripts above?

 

Thank you.

[poleposters]

The problem has returned. Apparently it was a fluke that I was able to access the member pages at all. The strange thing is that if i refresh the page a few times, the members page will display.But only once every few times.\

 

I turned error reportiing on but am not yeilding any errors.

 

I've also checked my PHp info. cookie domain and the cookie path have the same values on both my local host and my webhost.

 

session.cookie_domain no value no value

session.cookie_path / /

 

Another strange thing is that I am echoing the session id at the top of the page and the session remains active and retains its id throughput the pages.

 

I am changing pages in the links. I go from www.mysite.com/loggedin.php to  www.mysite.com/add_coupon.php

[poleposters]

Hey I worked it out. My code was fine all along.

 

I had to change the save session path on my web host server to a different directory.