Why does PHP not save session variables for specific users with Internet Explorer?

Question

I have a problem with a website where PHP does not save session variables for specific users with Internet Explorer. But for some other users with Internet Explorer there is no

Answer 1

I can't exactly tell you why on/after the first request, the cookie seems to get lost. (That is what I guess is going on.) And why on/after the second request is does NOT get lost.

Perhaps indeed a caching issue. Check the Developer tools, and look at what exactly is going on in the network tab. Is the first request coming in with a 200 - OK, and does the response contain a cookie header? Or is it indeed cached, as one of the comments suggested?

But in the end you should actually implement correct session id passing (read it). This is meant for people who dont want or can't handle cookies.

Basicly it means changing:

Next

into:

Next

or:

enabling --enable-trans-sid

Now when PHP notices sessions are not passed by cookies, it will give them along in a less secure way, in the URL. Especially in this case you would need session_regenerate_id().

edit: Ow yeah, I wanted to mention it earlier, but then thought it couldn't be it. But on second thought I will still mention it! :

Cookies are domain specific by default. If the user goes to http://yourdomain.com (without www.) , and the second request goes to http://www.yourdomain.com , the cookie will not survive the domain change! Thus affecting your session.

To fix this, either set the session cookie domain, or always use the same domain (either with, or without www.)