PHP session variables not saving between pages

Question

I know this might be a duplicate question, but I can't seem to find an answer to my specific problem.

I have 3 PHP files. signin.php gets users data and passes it to signin_auth.php.

signin.php then redirects to mytoolkit.php after successful sign in.

signin_auth.php uses the following code at the very end of the PHP script:

<?
session_start();

$_SESSION['sessionID'] = $id;
$_SESSION['time'] = time();

header ("Location: mytoolkit.php");
exit;

?>

Then, the users is redirected to mytoolkit.php, which uses this code:

<?

session_start();

if (!isset($_SESSION['sessionID'])) {

    header('Location: signin.php?message=4');
        exit;

}

$inactive = 5400;
$session_life = time() - $_SESSION['time'];

if ($session_life > $inactive) { 

   session_destroy(); 
   header("Location: signin.php?message=5"); 
   exit;

}

?>

The session variables aren't storing and mytoolkit.php keeps redirecting me to signin.php?message=4

Probably a stupid mistake. I've just been looking at it too long.

UPDATE --

So I have a couple of servers. Both on iPage. I moved the entire folder over to a differnent server (abc.com/toolkit is now copied to xyz.com/toolkit) The app runs perfectly on xyz.com... it the first server that's giving me probelms.

There both run on the same hosting company. I'm not sure what to do.

why are you using session_life and inactive to destroy the session, and you're not letting php kill it by itself when it is inactive for X time that you can set in php.ini ?? — CodeBird
– CodeBird, Commented May 8, 2013 at 21:09
You say at the very end of sign auth there is that session code, are you outputting html or even a blank line somewhere before? — on_
– on_, Commented May 8, 2013 at 21:11
@on_, i was going to ask the same thing; code to the very end of page and session_start() cant go together, along with whitespaces prev to it. — user1299518
– user1299518, Commented May 8, 2013 at 21:13
white spaces inside php isn't an issue with session_start, as long as the white spaces aren't actual outputs it isn't an issue. — CodeBird
– CodeBird, Commented May 8, 2013 at 21:19
@on_, I'm not outputting any html - signing_auth.php is strictly php. — Sean McCully
– Sean McCully, Commented May 8, 2013 at 21:53

hichris123 · Accepted Answer · 2014-04-06 22:14:32Z

4

I finally figured it out... It was an issues with my php.ini file on iPage's server. For some reason, they had it set to

session.save_path = "/var/php_sessions"

Where it should be my document root. That's not the first time they've messed stuff up.

edited Apr 6, 2014 at 22:14

hichris123

10.3k15 gold badges58 silver badges70 bronze badges

answered May 9, 2013 at 17:08

Sean McCully

1191 gold badge3 silver badges12 bronze badges

Sign up to request clarification or add additional context in comments.

3 Comments

dsdsdsdsd Over a year ago

if I read this php docs page correctly, session.save_path should be defaulted to ""

dsdsdsdsd Over a year ago

on my local computer (php 5.3), session.save_path = "C:\SERVER\tmp", but on my webhost it was the same as Sean's: session.save_path = "/var/php_sessions" ... ... changing it to "" worked.

geekdenz Over a year ago

THIS IS MISINFORMATION! You do NOT want to store your sessions in your document root. It will expose everyone's sessions publicly unless the file permissions are right.

Amir · Accepted Answer · 2013-05-08 21:33:27Z

1

if you did not destroy session with session_destroy(); before if (!isset($_SESSION['sessionID'])) { statement, then a reason could be $id has null value.

answered May 8, 2013 at 21:33

Amir

4,1314 gold badges18 silver badges28 bronze badges

1 Comment

Korvo Over a year ago

session_destroy(); is not a good idea, unless you are sure what you are doing.

CodeBird · Accepted Answer · 2013-05-08 21:18:10Z

0

I think this is your issue

  $inactive = 5400;
  $session_life = time() - $_SESSION['time'];
  if ($session_life > $inactive) { 
       session_destroy(); 
       header("Location: signin.php?message=5"); 
       exit;
  }

answered May 8, 2013 at 21:18

CodeBird

3,8132 gold badges22 silver badges38 bronze badges

1 Comment

Sean McCully Over a year ago

I took it out completely, still failed. Thanks for your help though!

Hugo Delsing · Accepted Answer · 2013-05-08 21:30:55Z

0

If you use a header('location: example.com') in your script it is sending a 302 redirect to your browser. Now this is none permanent, but some browser still cache this result. Just google it

So it could very well be that your browser is redirecting your request before it even accesses your code. Try changing signin_auth.php to header ("Location: mytoolkit.php?t=".time()); and then call the page with some random parameter attached to prevent the first page from caching. EG: /signin_auth.php?t=random

answered May 8, 2013 at 21:30

Hugo Delsing

14.3k5 gold badges50 silver badges76 bronze badges

Comments

blokeish · Accepted Answer · 2016-06-20 07:08:46Z

0

I was running httpd as another user (not apache). On checking /etc/php.ini I found that "session directory must be owned by process owner". So in /etc/httpd/conf.d/php.conf I changed the following:

php_value session.save_path    "/var/lib/php/session"
php_value soap.wsdl_cache_dir  "/var/lib/php/wsdlcache"

to

php_value session.save_path    "/home/[httpduser]/php/session"
php_value soap.wsdl_cache_dir  "/home/[httpduser]/php/wsdlcache"

and reloaded httpd.

Not sure if it was a better idea to change the owner of /var/lib/php to [httpduser]

answered Jun 20, 2016 at 7:08

blokeish

6366 silver badges9 bronze badges

Collectives™ on Stack Overflow

PHP session variables not saving between pages

5 Answers 5

3 Comments

1 Comment

1 Comment

Comments

Comments

Your Answer

Hot Network Questions

Collectives™ on Stack Overflow

5 Answers 5

3 Comments

1 Comment

1 Comment

Comments

Comments

Your Answer

Sign up or log in

Post as a guest

Related