PHP 5.2 Sessions

[audiodef]

Has anyone gotten PHP 5.2 and Apache 2.2 on Windows XP SP2 working with sessions? This is far from my first post about this, and I have been searching for days, as well as attempting various configurations, all to no avail. If anyone else has gotten sessions working with these versions, please post here how you did it. I've had one person on another forum post that he just followed instructions, which is what I did in the first place, but sessions are still not working on my localhost. I can see session files being created, but session data is simply not being passed from one page to the next, and instead a new session file is created for every new page. I understand that PHP 5.2 handles sessions a little differently, in terms of GC in particular, but I still don't see that I've configured it wrong.

[alpine]

I have the same issue,
sessions seems to be created in wamp/tmp but on print_r its an empty array( )

Looking for any solutions... (problem on: win xp sp2)

*EDIT: changed the session save path in php.ini to --> session.save_path = "C:\WINDOWS\Temp" and restarted.
I could actually in one occaition get sessions to work if i updated each dependant page once, but on first pageload, no $_SESSION['name'] is set.

[mike_at_hull]

Yes, I think I have the same problem too.

I think the problem is in using localhost. I am running php 5.2.0 on apache 2.0.59.

I can see that sessions are set up in PHP, but they are not working. My PHP Set from PHPinfo is reporting the following: -

Session Support  enabled 
Registered save handlers  files user 
Registered serializer handlers  php php_binary wddx 

Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 Off Off
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_httponly Off Off
session.cookie_lifetime 0 0
session.cookie_path c:\tmp c:\tmp
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 1000 1000
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.hash_bits_per_character 5 5
session.hash_function 0 0
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path c:\tmp\ c:\tmp\
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies On On
session.use_trans_sid 1 1



If I set the session.save_path in my php.ini to ="c:\tmp" it seems to write session variables ok - no error comes up. But when I try to retrieve the variables I get "undefined index" errors.

If I change the session.save_path to ="4:c:\tmp" or another integer number I get the following error when trying to write the session variables

"warning: session_start()[function session_start]: open (.....) failed: no such file or directory..."

When this happens the system tries to split up the session id into a number of subdirectories off the c:\tmp directory e.g. c:\tmp\f\d\0\s\b092.... this example would be if the node integer was set to 4.

I have checked the permissions on the c:\tmp directory and they are ok and I have tried to use different directories to store sessions in, but it makes no difference.

I haven't been able to sort this for a couple of weeks now and it's bugging me. Anyone any ideas?

[wildteen88]

I believe your problem is due to the session.cookie_path

You have it set to C:/tmp

Change it so its set to / like so:

[code]session.cookie_path = /[/code]

Save the php.ini and restart the server. Your cookies should now work.

[alpine]

Actually it is already set like that, paste from the php.ini in Apache2/bin
[code]

[Session]
; Handler used to store/retrieve data.
session.save_handler = files

; Argument passed to save_handler.  In the case of files, this is the path
; where data files are stored. Note: Windows users have to change this
; variable in order to use PHP's session functions.
;
; As of PHP 4.0.1, you can define the path as:
;
;    session.save_path = "N;/path"
;
; where N is an integer.  Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories.  This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
;
; NOTE 1: PHP will not create this directory structure automatically.
;        You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose to
;        use subdirectories for session storage
;
; The file storage module creates files using mode 600 by default.
; You can change that by using
;
;    session.save_path = "N;MODE;/path"
;
; where MODE is the octal representation of the mode. Note that this
; does not overwrite the process's umask.
;session.save_path = "c:/wamp/tmp"
;session.save_path = "C:\WINDOWS\Temp"
session.save_path = "c:/tmp"

; Whether to use cookies.
session.use_cookies = 1

; This option enables administrators to make their users invulnerable to
; attacks which involve passing session ids in URLs; defaults to 0.
; session.use_only_cookies = 1

; Name of the session (used as cookie name).
session.name = PHPSESSID

; Initialize session on request startup.
session.auto_start = 0

; Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 0

; The path for which the cookie is valid.
session.cookie_path = /

; The domain for which the cookie is valid.
session.cookie_domain =

; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
session.cookie_httponly =

; Handler used to serialize data.  php is the standard serializer of PHP.
session.serialize_handler = php

; Define the probability that the 'garbage collection' process is started
; on every session initialization.
; The probability is calculated by using gc_probability/gc_divisor,
; e.g. 1/100 means there is a 1% chance that the GC process starts
; on each request.

session.gc_probability = 1
session.gc_divisor    = 100

; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 1440

; NOTE: If you are using the subdirectory option for storing session files
;      (see session.save_path above), then garbage collection does *not*
;      happen automatically.  You will need to do your own garbage
;      collection through a shell script, cron entry, or some other method.
;      For example, the following script would is the equivalent of
;      setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
;          cd /path/to/sessions; find -cmin +24 | xargs rm

; PHP 4.2 and less have an undocumented feature/bug that allows you to
; to initialize a session variable in the global scope, albeit register_globals
; is disabled.  PHP 4.3 and later will warn you, if this feature is used.
; You can disable the feature and the warning seperately. At this time,
; the warning is only displayed, if bug_compat_42 is enabled.

session.bug_compat_42 = 1
session.bug_compat_warn = 1

; Check HTTP Referer to invalidate externally stored URLs containing ids.
; HTTP_REFERER has to contain this substring for the session to be
; considered as valid.
session.referer_check =

; How many bytes to read from the file.
session.entropy_length = 0

; Specified here to create the session id.
session.entropy_file =

;session.entropy_length = 16

;session.entropy_file = /dev/urandom

; Set to {nocache,private,public,} to determine HTTP caching aspects
; or leave this empty to avoid sending anti-caching headers.
session.cache_limiter = nocache

; Document expires after n minutes.
session.cache_expire = 180

; trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
; - User may send URL contains active session ID
;  to other person via. email/irc/etc.
; - URL that contains active session ID may be stored
;  in publically accessible computer.
; - User may access your site with the same session ID
;  always using URL stored in browser's history or bookmarks.
session.use_trans_sid = 0

; Select a hash function
; 0: MD5  (128 bits)
; 1: SHA-1 (160 bits)
session.hash_function = 0

; Define how many bits are stored in each character when converting
; the binary hash data to something readable.
;
; 4 bits: 0-9, a-f
; 5 bits: 0-9, a-v
; 6 bits: 0-9, a-z, A-Z, "-", ","
session.hash_bits_per_character = 4

; The URL rewriter will look for URLs in a defined set of HTML tags.
; form/fieldset are special; if you include them here, the rewriter will
; add a hidden <input> field with the info which is otherwise appended
; to URLs.  If you want XHTML conformity, remove the form entry.
; Note that all valid entries require a "=", even if no value follows.
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset="


[/code]

Now it stores sessions in the tmp folder that i have in the above ini, just won't read them at all

Is this a windows issue ? dmn - i must really consider a separate local server running on linux. This is my absolute first attempt in setting up a local server with php and mysql, currently to try and learn something  :o
Everything else works as i can see just great.

I also ran throug a filecompare with the php.ini i use where i have hosted my webpages, and it's similar now exept for the win issues.

[alpine]

I don't know if i should cry, burry my self, burry my computer, or simply just give a flat **** and buy myself a good old fashion newspaper!

All this time it was the computer firewall (ZoneAlarm Pro) that wiped out all cookie and session variables. Some kind of bulb stroke my head and i turned it off, and what do you see - sessions work  :-*

I can confort myself with the fact that i probably have some sort of local record in reading wamp and lamp tutorials in one night - and i probably could duplicate both the php.ini and httpd.conf file just out of my plain memory right now  ::)


* FINAL SOLUTION EDIT: *
By unchecking the "Remove Private Header" option in "Privacy" it runs ok with the firewall ON
The final ini opt: session.save_path = "C:\wamp\tmp"