Jump to content

session variables not available


Thomas_Bode

Recommended Posts

Having an issue with a form working on a Windows server but not on a Linux box. Session Variables initialized in one form do not appear to be available in another. Index1 submits input to as1.php. as1.php assigns input to session variables, then calls au1.php. au1.php detects any errors and sets an error message index and returns to index1.php. Index1.php displays error message and should contain the session variable values but they are empty. This works correctly on a Windows system, but not on the Linux box.

Link to comment
Share on other sites

you are likely getting a php error that would help identify the problem. is php's error_reporting set to E_ALL (it should always be this value) and either temporarily set display_errors to ON so that the reported errors will get displayed, or set/make sure that log_errors is set to ON and check the php error log. also, either check what a phpinfo() statement shows on both systems for the output_buffering setting, since it can both affect how your code works and can hide non-fatal php errors and debugging statements you put into your code.

next, your description of the coding has you writing an maintaining a bunch of extra code and redirecting around on your site. the code for any form processing/form should be on the same page. the only redirect you should have in your code should be upon successful completion of the post method form processing and it should be to the exact same URL of the current page to cause a get request for that page. 

Link to comment
Share on other sites

I just described a very trivial example of php codes that cause the condition. My production code is much more refined and rigorous. As I indicated previously, this code works on a windows system so I believe that it is something Linux version related.

72.241.40.98 - - [26/Sep/2024:03:07:36 +0000] "GET /index1.php HTTP/1.1" 200 7808
72.241.40.98 - - [26/Sep/2024:03:07:50 +0000] "POST /as1.php HTTP/1.1" 302 -
72.241.40.98 - - [26/Sep/2024:03:07:50 +0000] "GET /au1.php HTTP/1.1" 200 63
72.241.40.98 - - [26/Sep/2024:03:07:50 +0000] "GET /index1.php?message=4 HTTP/1.1" 200 8015

Linux, then Windows

Linux Error.PNG

Windows Error.PNG

Edited by Thomas_Bode
Labeled images
Link to comment
Share on other sites

the problem is most likely going to be something preventing the session_start() from working, which php's error reporting and display/logging will tell you. so, setup php's error_reporting and display_errors/log_errors as suggested, and confirm that they actually got set to those values by using a phpinfo() statement in a .php script.

1 hour ago, Thomas_Bode said:

/index1.php?message=4

doing this ^ opens your site up to a phishing attack, where someone can trick one of your users to enter their login credentials on the phishing site, then redirect them to your site and get your site to display a message to make it look like they just mistyped the values. don't redirect all over your site and don't put values on the end of the URL that determine what the user will see in the way of messages.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.