Jump to content

Different behavior between hosting, and local


KillGorack
 Share

Recommended Posts

Basically, it's about a login that is persistent. On the host I use it works well no errors, but on my computer, I can log in, then after a page load, it's gone.

part of a class.

        session_name('__Secure-PHPSESSID');
        session_set_cookie_params([
            'lifetime' => 0,
            'path'     => '/',
            'domain'   => $_SERVER['SERVER_NAME'],
            'secure'   => true,
            'httponly' => true,
            'samesite' => 'Strict',
        ]);
        session_start();
        header("Content-Security-Policy: default-src 'self'");
        header("strict-transport-security: max-age=31536000");
        header('X-Frame-Options: sameorigin');
        header("X-XSS-Protection: 1; mode=block");
        header('X-Content-Type-Options: nosniff');
        header("Feature-Policy: vibrate 'none'");
        header("Referrer-Policy: no-referrer");
        header('Access-Control-Allow-Origin: *');
        header("Expect-CT: max-age=86400, enforce");
        header_remove("X-Powered-By");
        date_default_timezone_set($this->pdo->getSetting('timezone'));

I can re arrange the code above and it works but get some warnings.

like

"Session name cannot be changed when a session is active" 

admittedly I'm kind of lost.

Link to comment
Share on other sites

i played with this some, and the session_name should only contain alphanumeric characters. for the value shown, no session was started. i suspect that on the host where this 'doesn't fail', a session has already been started, the posted code actually does nothing, but php's error related settings are not  setup to display/log errors that would be alerting you to the problem.

Edited by mac_gyver
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.