Jump to content

PHP https with $_SESSION send to another page


Go to solution Solved by requinix,

Recommended Posts

Hi friends.

I have a problem with https about $_SESSION in php

last time my website is working correctly with http but after change to https I can send value of session to another page

 

login.php

session_start();

$_SESSION['user_ID'] = 8;

 

Action.php

session_start();

echo "User ID = " . $_SESSION['user_ID'] ; //// It's not show any thing

 

Thank you very much for your help

Link to post
Share on other sites
20 minutes ago, requinix said:

Make sure every page on your website is being served over HTTPS. Also check your session cookie settings.

Can you give me more example about served over HTTPS? It's my first time that I create web php on https

Link to post
Share on other sites
  • Solution

Browse around your site and make sure the browser always says the page is encrypted, or at least it never says it isn't encrypted.
With Chrome, for example, a padlock icon on the left of the address bar means it's HTTPS.

  • Like 1
Link to post
Share on other sites
On 1/13/2021 at 2:20 PM, requinix said:

Browse around your site and make sure the browser always says the page is encrypted, or at least it never says it isn't encrypted.
With Chrome, for example, a padlock icon on the left of the address bar means it's HTTPS.

I already check all website are HTTPS.

before I start session, I set   session_set_cookie_params(0);

what's the next step I need to check?

Link to post
Share on other sites

But are you doing that for every place that calls session_start()? It's still better to configure the session cookie in your php.ini, not in code. Never have to think about it if it's configured there.

There's more to a cookie than just its expiration. What are the details of the cookie as seen by your browser? I'm talking like domain, path, and flags.

Link to post
Share on other sites
17 minutes ago, requinix said:

But are you doing that for every place that calls session_start()? It's still better to configure the session cookie in your php.ini, not in code. Never have to think about it if it's configured there.

There's more to a cookie than just its expiration. What are the details of the cookie as seen by your browser? I'm talking like domain, path, and flags.

Can you give me a basic of php.ini. then every page I just add command include('php.ini');?

on my brownser cookie:

NAME = PHPSESSID

content = 097bea5d9dd76cb2276566a737ae73b0

domain = legal-aid.moj.gov.la

path = /

send for = Same-site connections only

Accessible to script = Yes

Created = Friday, January 15, 2021 at 9:51:28 AM

Expires = When the browsing session ends

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.