PHP Sessions not Working

[pugboy]

For some reason, the code below sets sessions on my localhost machine running WAMP Server, but not on any webhosts...

 

<?php
session_start();
include("func.php"); //Logs into the mysql database and defines functions
$regstring = "";
if($_POST["user"]!="" and $_POST["pass"]!=""){
$user = addslashes($_POST["user"]);	
$pass = <HASHING METHOD REMOVED FOR SECURITY REASONS>
<QUERY REMOVED FOR SECURITY REASONS)
$r = mysql_query($q) or die(mysql_error());
$rows = mysql_num_rows($r);
if($rows > 0){
	list($passv) = mysql_fetch_array($r);
	if($pass == $passv and $pass!=""){
		$_SESSION["username"] = "yes"; //Never gets set, except on localhost running WAMP Server
		$regstring = "Logged in correctly! Please wait while you are directed to the user control panel...";
	} else {
		$regstring = "Incorrect password for $user.";
	}
} else {
	$regstring = "There is no $user registered in the database. Check your spelling.";
}
}
?>

 

Am I doing something wrong in my code?

[Garethp]

Not entirely sure, but try using single quote like ' instead of "

[wildteen88]

Not entirely sure, but try using single quote like ' instead of "

That'll make no difference

 

 

Run phpinfo() on your hosted site(s) to see where your sessions are being stored.

 

You can change where your sessions are saved to by having the following in each page (before session_start) which uses sessions

ini_set('session.save_path', '/path/to/sessions');

 

Alternatively place a .htaccess in your sites root folder and add the following

php_value "session.save_path" "/path/to/sessions"

[pugboy]

Where should I use them?

 

 

$_SESSION['HERE?'] = 'or here'

 

Also, it looks as if there is no value for the save path. That must be it.

 

Thanks!

[pugboy]

Or not

 

I tried using:

ini_set('session.save_path', 'sessions/');

 

But it still doesn't work...

[DamienRoche]

basic structure for storing variables in sessions is:

 

------------------------

 

PAGE1

 

session_start();

 

$insertvariable = "this is some text";

$_SESSION['var'] = "$insertvariable";

 

PAGE2

 

session_start(); //must use to continue session

 

$retrievevariable = $_SESSION['var'];

 

echo "$retrievevariable";

 

-------------------------

 

Don't forget to destroy the session when necessary!

 

Hope that helps.

 

[pugboy]

I am pretty sure it doesn't have to do with my code... It works on my machine, and I have used sessions before.

[DamienRoche]

Sorry, I thought you needed help because you said this:

 

" Where should I use them?

 

 

$_SESSION['HERE?'] = 'or here' "

[pugboy]

I was wondering where I should use the single quotes, but it looks as if it is a PHP INI problem with no path set to session storage.

[wildteen88]

Or not

 

I tried using:

ini_set('session.save_path', 'sessions/');

 

But it still doesn't work...

When setting the path make sure you use a full path.

 

You'll be better of creating a sessions folder out side of your sites document root. Then create a .htaccess file in your document root and add the following

php_value session.save_path /full/path/to/sessions/

Now whenever you uses sessions PHP should save/read sessions from your sessions folder.

[pugboy]

Where should I put the line of code? I get an internal server error when it is at the end.

[wildteen88]

Umm, looks like your host may not allow the php_flag or php_value flags!

 

Get in contact with your host about this issue. They should be able to fix it.

[pugboy]

Ok, thanks

[PFMaBiSmAd]

Php settings cannot be put into a .htaccess file when php is running as a CGI application (they cause an internal serve error.) They can only be put into a .htaccess file when php is running as an Apache module.

 

It is very likely that your php installation has the session save path set to a default location and that sessions are able to work (and you never answered the question about what does a phpinfo() statement show for that setting.)

 

Add the following two lines immediately after your <?php tag to find out if there are any php detected errors -

 

ini_set ("display_errors", "1");
error_reporting(E_ALL);