Session Variables Across Different Browsers

[rghollenbeck]

Thanks to some help from Ch0cu3r and mac_gyver, I was convinced to explore session variables.  My first experience is pretty good with Firefox, but not so much for Opera, Chrome, and IE.  Here's my first experiment which I tried on all four browsers:
 

if (isset($_SESSION["CrazyPageLoadCounter"]))

{

$_SESSION["CrazyPageLoadCounter"]++;

echo("<br /> Page loaded " . $_SESSION['CrazyPageLoadCounter'] . " times.");

} else {

echo("<br />First time loading page. Page loading being initialized to 1.");

$_SESSION['CrazyPageLoadCounter']=1;

}

All three browsers displayed
 

First time loading page. Page loading being initialized to 1.

on the first load, but only Firefox continued to increment to 2, 3, 4, etc. on subsequent reloads, while the others were stuck on stupid.  Or was it my code?

 

Thanks.

[Ch0cu3r]

Your code is fine. But are you are calling session_start at the top of the page that uses $_SESSIONS?

[rghollenbeck]

Your code is fine. But are you are calling session_start at the top of the page that uses $_SESSIONS?

 

 

Yes sir.

[kicken]

Check your browsers to make sure they are configured to allow cookies. If they are rejecting the session id cookie then each page load will be starting a new session. One way to check whether you are getting a new session or not is to echo the result of session_id. If it changes on each load then you're getting a new session each time.

[rghollenbeck]

Check your browsers to make sure they are configured to allow cookies. If they are rejecting the session id cookie then each page load will be starting a new session. One way to check whether you are getting a new session or not is to echo the result of session_id. If it changes on each load then you're getting a new session each time.

 

Yep!  That was the problem.  Here's what I did:

$ses_id = session_id();
echo $ses_id;

The other three browsers are all reporting a new session id with each page load.  At least they are getting a session ID. 

 

However, Cookies ARE enabled on Opera and Chrome.  I'm checking now on IE...

 

 

 

 

 

[rghollenbeck]

Yep!  That was the problem.  Here's what I did:

$ses_id = session_id();
echo $ses_id;

The other three browsers are all reporting a new session id with each page load.  At least they are getting a session ID. 

 

However, Cookies ARE enabled on Opera and Chrome.  I'm checking now on IE...

 

 

 

 

 

 

All three of the browsers affected (IE, Chrome, and Opera) are accepting cookies but they get a new session ID every time the page is reloaded.  IE has the strangest cookie settings.  I need to slide a bar up or down to select one of about five security settings.  Mine is currently set to "Low" (second from the bottom.)  Is there another possible reason why these browsers are getting a new session ID after each page reload?

[kicken]

Use the browser's Network debug tools (or an external tool like Fiddler2) to check the Set-cookie: header that is sent. If the browsers are rejecting the cookies even though their settings should be allowing them, then perhaps the parameters of the Set-Cookie header are invalid (bad domain, incorrect path, etc). If they are invalid, then check your php.ini settings and correct them.

 

I've also heard before (but don't know if it's fact) that some browsers will not accept cookies from domains with invalid characters (ie, domains with an _) or no dots (ie, localhost). So if you are just using http://localhost/ to access the site, the browser may drop the cookie due to no dots in the domain 'localhost'. If you are just using localhost, edit your hosts file (and possibly apache config) to add a domain with a dot and then use that instead. I usually setup a domain like site.local for all my development sites, where site is the name of (or abbrivation of) the website.

[rghollenbeck]

Use the browser's Network debug tools (or an external tool like Fiddler2) to check the Set-cookie: header that is sent. If the browsers are rejecting the cookies even though their settings should be allowing them, then perhaps the parameters of the Set-Cookie header are invalid (bad domain, incorrect path, etc). If they are invalid, then check your php.ini settings and correct them.

 

I've also heard before (but don't know if it's fact) that some browsers will not accept cookies from domains with invalid characters (ie, domains with an _) or no dots (ie, localhost). So if you are just using http://localhost/ to access the site, the browser may drop the cookie due to no dots in the domain 'localhost'. If you are just using localhost, edit your hosts file (and possibly apache config) to add a domain with a dot and then use that instead. I usually setup a domain like site.local for all my development sites, where site is the name of (or abbrivation of) the website.

 

There is no underscore in the domain. It's just a regular www.domain.com website, But since it is in development and testing mode, I have it temporarily hidden away in a subdirectory called "php_projects" because it is not ready for prime time.  I changed the folder name to "phpprojects" but that made no difference.  I think it is time to find out what Fiddler2 is.

 

I will leave this thread open while I explore Fiddler2.  Thank you very much.

[rghollenbeck]

All the browsers are now keeping and using session variables.  Thanks to everybody.

 

I don't know if Fiddler 2 did the trick or if I just got lucky, but I installed a missing jqiery library that was referenced even though I never called it, and I added the session_start() to the other .php files even though I wasn't going to them at the time I had the problem.. Whatever it was, it is now working great all over.