nitiphone2021 0 Posted January 13 Share Posted January 13 Hi friends. I have a problem with https about $_SESSION in php last time my website is working correctly with http but after change to https I can send value of session to another page login.php session_start(); $_SESSION['user_ID'] = 8; Action.php session_start(); echo "User ID = " . $_SESSION['user_ID'] ; //// It's not show any thing Thank you very much for your help Quote Link to post Share on other sites
requinix 960 Posted January 13 Share Posted January 13 Make sure every page on your website is being served over HTTPS. Also check your session cookie settings. Quote Link to post Share on other sites
nitiphone2021 0 Posted January 13 Author Share Posted January 13 20 minutes ago, requinix said: Make sure every page on your website is being served over HTTPS. Also check your session cookie settings. Can you give me more example about served over HTTPS? It's my first time that I create web php on https Quote Link to post Share on other sites
Solution requinix 960 Posted January 13 Solution Share Posted January 13 Browse around your site and make sure the browser always says the page is encrypted, or at least it never says it isn't encrypted. With Chrome, for example, a padlock icon on the left of the address bar means it's HTTPS. 1 Quote Link to post Share on other sites
nitiphone2021 0 Posted Friday at 02:28 AM Author Share Posted Friday at 02:28 AM On 1/13/2021 at 2:20 PM, requinix said: Browse around your site and make sure the browser always says the page is encrypted, or at least it never says it isn't encrypted. With Chrome, for example, a padlock icon on the left of the address bar means it's HTTPS. I already check all website are HTTPS. before I start session, I set session_set_cookie_params(0); what's the next step I need to check? Quote Link to post Share on other sites
requinix 960 Posted Friday at 02:42 AM Share Posted Friday at 02:42 AM But are you doing that for every place that calls session_start()? It's still better to configure the session cookie in your php.ini, not in code. Never have to think about it if it's configured there. There's more to a cookie than just its expiration. What are the details of the cookie as seen by your browser? I'm talking like domain, path, and flags. Quote Link to post Share on other sites
nitiphone2021 0 Posted Friday at 03:03 AM Author Share Posted Friday at 03:03 AM 17 minutes ago, requinix said: But are you doing that for every place that calls session_start()? It's still better to configure the session cookie in your php.ini, not in code. Never have to think about it if it's configured there. There's more to a cookie than just its expiration. What are the details of the cookie as seen by your browser? I'm talking like domain, path, and flags. Can you give me a basic of php.ini. then every page I just add command include('php.ini');? on my brownser cookie: NAME = PHPSESSID content = 097bea5d9dd76cb2276566a737ae73b0 domain = legal-aid.moj.gov.la path = / send for = Same-site connections only Accessible to script = Yes Created = Friday, January 15, 2021 at 9:51:28 AM Expires = When the browsing session ends Quote Link to post Share on other sites
requinix 960 Posted Friday at 04:28 AM Share Posted Friday at 04:28 AM Looks alright. Is that the same information you see on the first page (which sets a session value) and the second page (which is unable to get the value back out)? Quote Link to post Share on other sites
Barand 1,617 Posted Friday at 12:49 PM Share Posted Friday at 12:49 PM 9 hours ago, nitiphone2021 said: then every page I just add command include('php.ini');? No need. That happens automatically. It's a case of "set it, forget it" Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.