nitiphone2021 0 Posted Wednesday at 06:45 AM Share Posted Wednesday at 06:45 AM Hi friends. I have a problem with https about $_SESSION in php last time my website is working correctly with http but after change to https I can send value of session to another page login.php session_start(); $_SESSION['user_ID'] = 8; Action.php session_start(); echo "User ID = " . $_SESSION['user_ID'] ; //// It's not show any thing Thank you very much for your help Quote Link to post Share on other sites
requinix 958 Posted Wednesday at 06:56 AM Share Posted Wednesday at 06:56 AM Make sure every page on your website is being served over HTTPS. Also check your session cookie settings. Quote Link to post Share on other sites
nitiphone2021 0 Posted Wednesday at 07:17 AM Author Share Posted Wednesday at 07:17 AM 20 minutes ago, requinix said: Make sure every page on your website is being served over HTTPS. Also check your session cookie settings. Can you give me more example about served over HTTPS? It's my first time that I create web php on https Quote Link to post Share on other sites
requinix 958 Posted Wednesday at 07:20 AM Share Posted Wednesday at 07:20 AM Browse around your site and make sure the browser always says the page is encrypted, or at least it never says it isn't encrypted. With Chrome, for example, a padlock icon on the left of the address bar means it's HTTPS. Quote Link to post Share on other sites
nitiphone2021 0 Posted yesterday at 02:28 AM Author Share Posted yesterday at 02:28 AM On 1/13/2021 at 2:20 PM, requinix said: Browse around your site and make sure the browser always says the page is encrypted, or at least it never says it isn't encrypted. With Chrome, for example, a padlock icon on the left of the address bar means it's HTTPS. I already check all website are HTTPS. before I start session, I set session_set_cookie_params(0); what's the next step I need to check? Quote Link to post Share on other sites
requinix 958 Posted yesterday at 02:42 AM Share Posted yesterday at 02:42 AM But are you doing that for every place that calls session_start()? It's still better to configure the session cookie in your php.ini, not in code. Never have to think about it if it's configured there. There's more to a cookie than just its expiration. What are the details of the cookie as seen by your browser? I'm talking like domain, path, and flags. Quote Link to post Share on other sites
nitiphone2021 0 Posted yesterday at 03:03 AM Author Share Posted yesterday at 03:03 AM 17 minutes ago, requinix said: But are you doing that for every place that calls session_start()? It's still better to configure the session cookie in your php.ini, not in code. Never have to think about it if it's configured there. There's more to a cookie than just its expiration. What are the details of the cookie as seen by your browser? I'm talking like domain, path, and flags. Can you give me a basic of php.ini. then every page I just add command include('php.ini');? on my brownser cookie: NAME = PHPSESSID content = 097bea5d9dd76cb2276566a737ae73b0 domain = legal-aid.moj.gov.la path = / send for = Same-site connections only Accessible to script = Yes Created = Friday, January 15, 2021 at 9:51:28 AM Expires = When the browsing session ends Quote Link to post Share on other sites
requinix 958 Posted yesterday at 04:28 AM Share Posted yesterday at 04:28 AM Looks alright. Is that the same information you see on the first page (which sets a session value) and the second page (which is unable to get the value back out)? Quote Link to post Share on other sites
Barand 1,617 Posted 23 hours ago Share Posted 23 hours ago 9 hours ago, nitiphone2021 said: then every page I just add command include('php.ini');? No need. That happens automatically. It's a case of "set it, forget it" Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.