Jump to content

PHP Session no longer working in javascript file


fastsol

Recommended Posts

I've got a weird one here.  Last night everything was working fine that I know of.  This morning my hosted dedicated server will no longer hold session data in a javascript file.  Meaning I have a couple javascript files that are .php extensions and inside them it has session_start() at the very top and then it sets the content type accordingly to a js file.  I have a couple things in there that output js code based on session data from php.  Up until last night this method has been working for a couple of years without any issue.  Get up this morning and none of it works.

 

I've gone over the whm changelog but the last update was 5 days ago, not last night.  I've checked any settings I could think of in the whm but nothing has fixed the issue.  Server is running php 5.6.  I run 7.1 on my local machine and all sites are working fine locally.  I've verified that the files on the web host are exactly the same as my local files.  The part that makes me sure it's a server issue is that it's not working for domains that I haven't touched in a while.

 

It's also not working when using jquery ajax requests even when I'm sending to a php file.  So the php file I'm sending to is also not keeping the session data.  Again these are files I have not touched in a while.  I don't understand what could have gone wrong.

Link to comment
Share on other sites

Make sure your session ID isn't changing. Otherwise it sounds like the session files are being lost or ignored. Can you figure out where the files are being stored and check them in code to see they're not empty or something?

 

Naturally things don't just break randomly - something happened somewhere.

Link to comment
Share on other sites

I can echo the session_id() from the javascript file and it's the same as the cookie in the developer console, even after refreshing the page a few times.

 

I can echo the session vars right up to the <script> call, so it's not being lost down the page.  Doing a dump on the session in the javascript file returns an empty array.

Link to comment
Share on other sites

Here is a basic test code that I can't even make work.

php page:

<?php
/**
 * Created by PhpStorm.
 */

session_start();

$_SESSION['loc_settings'] = 'something';

?>
<!DOCTYPE HTML>
<html lang="en">
<head></head>
	<body>
		<div id="location-root-map">Map goes here</div>
<script src="/site_specific/other_pages/defer-change-vehicle-display.php"></script>
</body>
</html>

Javascript file:

<?php 
error_reporting(E_ALL);
session_start();

header("Content-Type: application/javascript");

?>

<?php
if(isset($_SESSION['loc_settings']))
{
?>
	// Inserts the Google Maps iframe after page load
	$(document).ready(function(){
		$('#location-root-map').html('<iframe width="100%" frameborder="0" style="border:0" src="http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=<?php echo $_SESSION['loc_settings']['site_street'],'+',$_SESSION['loc_settings']['site_city'],'+',$_SESSION['loc_settings']['site_state'],'+',$_SESSION['loc_settings']['site_zip'];?>&aq=0&vpsrc=0&ie=UTF8&hq=&hnear=<?php echo $_SESSION['loc_settings']['site_street'],'+',$_SESSION['loc_settings']['site_city'],'+',$_SESSION['loc_settings']['site_state'],'+',$_SESSION['loc_settings']['site_zip'];?>&output=embed"></iframe>'
		);
	});
<?php
 unset($_SESSION['loc_settings']); 
}
?>


Looking at the output from the js file is empty.  Look at it on my local and it has content.  Display errors is on, even on the server.

Link to comment
Share on other sites

I"m assuming that you have named your JS file with a php extension.  Can you still load that file at the server since it is being added via a script tag and not a PHP include/require statement?  If it isn't loaded on the server then any php code inside that supposed-js file won't be executed.  No?

Link to comment
Share on other sites

path = /

domain = the correct domain. no www. my htaccess redirects everything to non www

http_only = no

 

I was able to resolve the issue for the moment by moving a couple files to the root, at least the site works now.  This is not ideal and doesn't answer why this happened though.  So I still would like any suggestions.  I can't find anything wrong with any setting or anything.  It worked last night and then didn't this morning.  I totally understand that something had to have happened, I just can't find it.

Link to comment
Share on other sites

I don't think this has anything to do with it, but there are some new lines in my htaccess that CPanel added during an update, but even if I comment out the lines it still doesn't work.

###########################
RewriteCond %{HTTP_HOST} ^www.mydomain.com$ [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)$ http://mydomain.com/$1 [R=301,L]
###########################

###########################
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f 
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^location/(.*)$ ./location-details.php?loc=$1
###########################

RewriteCond %{QUERY_STRING} ^product_id=(.*)$
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule . %{REQUEST_URI}?product-id=%1 [R=301,L]

RewriteBase /
RewriteCond %{HTTP:Cookie} devicePixelRatio [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule \.(?:jpe?g|gif|png|bmp)$ /retinaimages.php [NC,L] 
RewriteCond %{REQUEST_FILENAME} !-s 
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)\.[\d]+\.(css|js)$ $1.$2 [L]

It's these 2 lines in each rewrite rule

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
Link to comment
Share on other sites

Though you've said stuff that suggests it might not be, this could be caused by two session cookies: one in the root, one in a subdirectory. If you put the Javascript file back where it was (not in the root) with

alert("=session_id()?>");
and have the source .php output its session_id(), do the two values match?
Link to comment
Share on other sites

Though you've said stuff that suggests it might not be, this could be caused by two session cookies: one in the root, one in a subdirectory. If you put the Javascript file back where it was (not in the root) with

alert("<?=session_id()?>");
and have the source .php output its session_id(), do the two values match?

 

Yes the id was the same no matter what I did.  That was one of my thoughts too, but led me nowhere.

Link to comment
Share on other sites

add a session_write_close(); after the line where you are setting the session variable, to see if that solves the problem. you in fact should be finished assigning or changing any session data before you get to the start of your html document and can write/close the session file (the $_SESSION variables will still exist with their current value in them.)

 

you are likely getting a session file locking problem, where the main code has created the session data file but hasn't actually written the data to the file when the javascript code starts its session. the session id's match, but there's no data in the file for the javascript session to read.

 

so, why would something cause a change in the operation of your scripts? perhaps the network speed where your server is located changed or the time it takes to finish running the rest of the code in your main file suddenly started taking longer (database queries perhaps or doing include/requires of remote files) so that it is taking longer for the main file to end and write and close the session data file.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.