Jump to content

session variables not working anymore

Beasts

By Beasts
in PHP Coding Help

 Share

Recommended Posts

Beasts Newbie

Beasts

Posted
Posted

hello,

i use sessions to handle authentication within my site. my host has been changing a lot of settings in the server recently for "security purposes". and the technicians are pretty much clueless about what they are doing. they changed something in the configuration and all of a sudden the sessions dont seem to be working. i suspect register_globals. can anyone tell me the possible reasons for this?

 

they also played with the open_basedir setting and now i cant seem to be able to upload files because "/tmp" is restricted. i would appreciate it if you can tell me a workaround to it too.

 

/edit:

just did a var_dump on $_SESSION and it gives NULL

Link to comment
Share on other sites
oni-kun Member

oni-kun

Posted
Posted

hello,

i use sessions to handle authentication within my site. my host has been changing a lot of settings in the server recently for "security purposes". and the technicians are pretty much clueless about what they are doing. they changed something in the configuration and all of a sudden the sessions dont seem to be working. i suspect register_globals. can anyone tell me the possible reasons for this?

 

they also played with the open_basedir setting and now i cant seem to be able to upload files because "/tmp" is restricted. i would appreciate it if you can tell me a workaround to it too.

 

/edit:

just did a var_dump on $_SESSION and it gives NULL

 

It'd help to know about your server. What I'd really recommend doing is just writing 

<?php phpinfo(); ?>

into a new file and viewing it. It'd display everything they've done to the server and provide the much needed relevant information.

 

What version of PHP are you now at? Is register_globals on when seeing the config?

Link to comment
Share on other sites
oni-kun Member

oni-kun

Posted
Posted

i would've done so in the first post if that wasnt being a problem. for some reason phpinfo() does not work! it gives a blank page! they disabled it in the name of security or something?

 

Hmm.. I've heard shared hosts disabling this to disallow the user to view configuration (paths etc.). If they've gone this far to protect themselves, than I believe that the host isn't worth their salt..

 

Anyway, why not try a global and test? $HTTP_HOST for example.

 

Link to comment
Share on other sites
teamatomic Newbie

teamatomic

Posted
Posted

What does php_info() say, when  it is disabled it is many times able to be used through your control panel, especially on free hosters

 

The fix probably has to come from your hoster as I dont think that you can set the base or access to the Upload_tmp_dir in .htaccess because these need to be set when PHP starts. This is probably a good clue as to when the time is to find another host.

 

 

HTH

Teamatomic

 

Link to comment
Share on other sites
oni-kun Member

oni-kun

Posted
Posted

can you explain the last part a bit more?

<?php
    $_POST['foo'] == 'bar';
    echo $HTTP_POST_VARS;
?>

What do you get if you run this? If $HTTP_POST_VARS comes up as an undefined variable, than register_globals is off.

 

@TeamAtomic, It's already been stated that PHPinfo was off.

 

EDIT: 

<?php
   echo 'Current PHP version: ' . phpversion();
?>

That should help as well.

Link to comment
Share on other sites
teamatomic Newbie

teamatomic

Posted
Posted

What does php_info() say, when  it is disabled it is many times able to be used through your control panel, especially on free hosters

 

Many of the hosters that turn it off do so by default with an upgrade to their control panel. The panel then provides an nice little colored icon somewhere among the many little colored icons to view php info. Just cause you can make a php file with php_info() in it does not mean the info is not available.

 

 

HTH

Teamatomic

Link to comment
Share on other sites
trq Prolific Member

trq

Posted
Posted 

<?php
    $_POST['foo'] == 'bar';
    echo $HTTP_POST_VARS;
?>

What do you get if you run this? If $HTTP_POST_VARS comes up as an undefined variable, than register_globals is off.

 

$HTTP_POST_VARS has nothing to do with register globals being on or off.

Link to comment
Share on other sites
Beasts Newbie

Beasts

Posted
  • Author
Posted

php_info or phpinfo all gives blank pages. they only provided ftp access. no control panel. this host sucks =/ but the company i work for cant move. you wont believe the reason if i did :P

 

anyway i got this Undefined variable: HTTP_POST_VARS

Link to comment
Share on other sites
oni-kun Member

oni-kun

Posted
Posted

php_info or phpinfo all gives blank pages. they only provided ftp access. no control panel. this host sucks =/ but the company i work for cant move. you wont believe the reason if i did :P

 

anyway i got this Undefined variable: HTTP_POST_VARS

 

What about the PHP version? It's funny, my old host bumped me down to 4.3 for some reason.. safely to say I moved.

 

If PHP is run as a module than you're able to change, atleast some settings with .htaccess, such as open_basedir.

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

Post the code you are using to with the phpinfo(); statement, including showing us the opening php tag you are using.

 

Have you got full php error reporting turned on so that any session related errors would be reported and displayed?

 

At least add the following lines of code immediately after your first opening <?php tag (before any session_start() statement) -

 

ini_set("display_startup_errors", "1");
ini_set("display_errors", "1");
error_reporting(E_ALL);

 

And for all we know your code is using old methods that were depreciated over 7 years ago. What is your code that is setting the $_SESSION variables and what is your code that is showing them as a NULL, including showing us everything from the start of the files up to the relevant instructions.

Link to comment
Share on other sites
Beasts Newbie

Beasts

Posted
  • Author
Posted

okay just discovered what the problem was and informed the host.

it was open_basedir settings or something which was preventing the sessions from being stored in /tmp

i added a .htaccess file with the following and created a custom /tmp folder. now the sessions are being written normally :)

 

php_value session.save_path /tmp

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.