[SOLVED] Sessions

[waynewex]

Firstly; I know its not a problem with my code as it has worked perfectly on other hosts. It's just this one host seemingly - it doesn't seem to allow sessions to be used? Have any of you ever come across this before? What could they have done to stop sessions being used?

[corbin]

Can we see some code?

 

 

I very seriously doubt they don't allow sessions.

[waynewex]

Can we see some code?

 

 

I very seriously doubt they don't allow sessions.

 

Seriously. It's a cms application that I use for all my clients. It has worked on every server except this one.

 

function give_login($user_id,$name,$email){
$_SESSION['user_id'] = $user_id;
$_SESSION['name'] = $name;
$_SESSION['email'] = $email;
$_SESSION['logged_in'] = mktime();
$_SESSION['fingerprint'] = md5($_SERVER['HTTP_USER_AGENT'].$user_id."0jsj8du(s!shsoP!2RT");
}

 

 

[Daniel0]

Maybe the write permissions to the session folder (usually the OS tmp folder) are screwed. You could try changing the path or writing a save handler to store it in a RDBMS instead.

[waynewex]

Maybe the write permissions to the session folder (usually the OS tmp folder) are screwed. You could try changing the path or writing a save handler to store it in a RDBMS instead.

 

I'm going to submit a ticket first and if I get nowhere with that I'll have to use a handler.

[PFMaBiSmAd]

Most session problems would be exposed by setting full error_reporting/display_errors before a session_start() statement. Also, if php was configured to only use session.use_trans_sid to propagate the session id but your code does take that into account, your sessions would not necessarily work.

 

What are the exact symptoms and what have you done to troubleshoot what sessions are or are not doing?

[corbin]

Can we see some code?

 

 

I very seriously doubt they don't allow sessions.

 

Seriously. It's a cms application that I use for all my clients. It has worked on every server except this one.

 

function give_login($user_id,$name,$email){
$_SESSION['user_id'] = $user_id;
$_SESSION['name'] = $name;
$_SESSION['email'] = $email;
$_SESSION['logged_in'] = mktime();
$_SESSION['fingerprint'] = md5($_SERVER['HTTP_USER_AGENT'].$user_id."0jsj8du(s!shsoP!2RT");
}

 

 

 

 

I hate to ask an insultingly simple question, but you do have session_start() somewhere, right?

 

 

Also, you don't have any whitespace before it right?  (Your previous hosts could have had buffering turned on so it would've been possible to not notice the whitespace.)

 

But yeah, I would guess that Daniel was right with the /tmp dir thing...

[waynewex]

Most session problems would be exposed by setting full error_reporting/display_errors before a session_start() statement. Also, if php was configured to only use session.use_trans_sid to propagate the session id but your code does take that into account, your sessions would not necessarily work.

 

What are the exact symptoms and what have you done to troubleshoot what sessions are or are not doing?

 

Basically, when a user attempts to log into the application, they're either given a session and redirected to the main panel or they're presented with an error message. I get nada. I forced error reporting before session_start() but I get nothing.

[waynewex]

Can we see some code?

 

 

I very seriously doubt they don't allow sessions.

 

Seriously. It's a cms application that I use for all my clients. It has worked on every server except this one.

 

function give_login($user_id,$name,$email){
$_SESSION['user_id'] = $user_id;
$_SESSION['name'] = $name;
$_SESSION['email'] = $email;
$_SESSION['logged_in'] = mktime();
$_SESSION['fingerprint'] = md5($_SERVER['HTTP_USER_AGENT'].$user_id."0jsj8du(s!shsoP!2RT");
}

 

 

 

 

I hate to ask an insultingly simple question, but you do have session_start() somewhere, right?

 

 

Also, you don't have any whitespace before it right?  (Your previous hosts could have had buffering turned on so it would've been possible to not notice the whitespace.)

 

But yeah, I would guess that Daniel was right with the /tmp dir thing...

 

Yea, I have session_start() in my config file. My config file then requires class files etc. There's also no whitespace. :/

[corbin]

Are errors set to display?

 

 

 

Also, does anything get displayed at all?  If nothing is getting displayed at all, perhaps it is a parse error and error_display is set to 0.

[waynewex]

Are errors set to display?

 

 

 

Also, does anything get displayed at all?  If nothing is getting displayed at all, perhaps it is a parse error and error_display is set to 0.

 

The login page is just displaying as if I had never tried to login. I tried entering an incorrect password and sure enough, I got back an error message. I set the errors to display, but yet again, same problem. Was working fine on my localhost.

[PFMaBiSmAd]

I'm sticking with php is not configured to use only cookies for the sesison id.

 

What does a phpinfo(); statement show for all the session.xxxxx settings?

[waynewex]

I've got it working. In the code, I was also setting cookies. I took out the cookies and it worked. Not sure why exactly.

[PFMaBiSmAd]

If the existence of a cookie affects sessions, either they have configured the session name to be the same as one of your cookie names or you have a session variable and a cookie with the same name and register_globals are on.

[waynewex]

If the existence of a cookie affects sessions, either they have configured the session name to be the same as one of your cookie names or you have a session variable and a cookie with the same name and register_globals are on.

 

I think you've hit the nail on the head there!

[GingerRobot]

Why do hosts still have register globals on?

[Daniel0]

Because they have no idea what they are doing, or they don't care because their customers don't know what they're doing.