jdlev Posted October 2, 2009 Share Posted October 2, 2009 Can anyone think of any ideas why the following code would create a session file, and then not put anything in it? Its basically a session file with absolutely nothing in it? Any help is greatly appreciated - TIA! Link to comment https://forums.phpfreaks.com/topic/176247-php-writes-blank-sessions/ Share on other sites More sharing options...
btherl Posted October 2, 2009 Share Posted October 2, 2009 The following code? Being out of disk space is one cause of 0 sized files where there ought not to be 0 sized files. Link to comment https://forums.phpfreaks.com/topic/176247-php-writes-blank-sessions/#findComment-928823 Share on other sites More sharing options...
jdlev Posted October 2, 2009 Author Share Posted October 2, 2009 Here's the code: <?php //Start session session_start(); //Include database connection details require_once('config.php'); //Array to store validation errors $errmsg_arr = array(); //Validation error flag $errflag = false; //Connect to mysql server $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } //Function to sanitize values received from the form. Prevents SQL injection function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } //Sanitize the POST values $login = clean($_POST['login']); $password = clean($_POST['password']); //Input Validations if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } //If there are input validations, redirect back to the login form if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: login-form.php"); exit(); } //Create query $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result) == 0) { //Login Successful session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_FIRST_NAME'] = $member['firstname']; $_SESSION['SESS_LAST_NAME'] = $member['lastname']; session_write_close(); header("location: member-index.php"); exit(); }else { //Login failed header("location: login-failed.php"); exit(); } }else { die("Query failed"); } ?> Link to comment https://forums.phpfreaks.com/topic/176247-php-writes-blank-sessions/#findComment-928824 Share on other sites More sharing options...
jdlev Posted October 2, 2009 Author Share Posted October 2, 2009 The following code? Being out of disk space is one cause of 0 sized files where there ought not to be 0 sized files. There is still a lot of disk space remaining, so I don't think that is it. I think it might be a file rights issue? It writes the session files to the C:/WINNT/TEMP folder. Perhaps it doesn't have the ability to make changes to the file? If that is the case, which user do I need to grant access to the TEMP folder, and what level permission should I grant them. I'm trying to keep the site as secure as possible. Link to comment https://forums.phpfreaks.com/topic/176247-php-writes-blank-sessions/#findComment-928827 Share on other sites More sharing options...
btherl Posted October 2, 2009 Share Posted October 2, 2009 To narrow down the possibilities, do you get 0 sized session files with this code: <?php session_start(); $_SESSION['canyouseeme'] = true; ?> If it is an NT permission issue I can't help you.. hopefully someone else here can. Link to comment https://forums.phpfreaks.com/topic/176247-php-writes-blank-sessions/#findComment-928830 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.