发表新帖
发表新帖

PHP Session not Saving

前端 未结
关注
9 1062
情话喂你
情话喂你 2020-12-03 17:39

I have this written at the very first line on every page of my website. 

include(\"restd.php\");

and restd.php contains the following lines

相关标签:
9条回答
  • 离开以前
    2020-12-03 17:48

    Your session directory (probably /tmp/) is not writable.

    Check with session_save_path() if it is writable.

    if (!is_writable(session_save_path())) {
    echo 'Session path "'.session_save_path().'" is not writable for PHP!'; 
}
    0 讨论(0)
  • 醉酒成梦
    2020-12-03 17:48

    In my case I forgot that I had the PHP flag session.cookie_secure set to on, while the development environment was not TLS-secured.

    More information about Session/Cookie parameters.

    0 讨论(0)
  • 余生分开走
    2020-12-03 17:49

    I had the same problem and found a work-around for it. If anybody can explain why the session is not read even when the cookie is there, please let me know.

    <?php
//  logged.php
//  The PHP session system will figure out whether to use cookies or URLs to pass the SID

if(!isset($_COOKIE['PHPSESSID']) && !isset($_GET['PHPSESSID']) && authenticationRoutine(/* Returns true if succesfully authenticated */) ) {
    session_id(uniqid("User--"));
    session_start();
    $_SESSION['id']=session_id();
}

?>



<?php
//  Insecure restd.php (The user can forge a stolen SID cookie or URL GET request, but that is inherent with PHP sessions)

if(!isset($_COOKIE['PHPSESSID']) && !isset($_GET['PHPSESSID']) {header('Location: index.php')}

?>

    .

    [EDIT]

    Even though the cookie was there and I prevented starting a new session, the session had not been read and started, so no session variables were available. In this case I check if the session has been started first (not using session_status() because it doesn't exist in PHP 3.5, which for some reason is the most widespread among hosts). If no session has been started within PHP, I check if it had been started before by testing the cookies and GET variables. If a session ID was found, the script resumes the session with that ID. If no ID is available, the user gets redirected to the index.

    <?php
//  restd.php
if(empty(session_id())) {
    if(isset($_COOKIE['PHPSESSID']) && !empty($_COOKIE['PHPSESSID'])) {session_id($_COOKIE['PHPSESSID']);}
    elseif(isset($_GET['PHPSESSID']) && !empty($_GET['PHPSESSID'])) {session_id($_GET['PHPSESSID']);}
    else {header('Location: index.php'); exit(0);}
    session_start();
}
    0 讨论(0)
  • 梦如初夏
    2020-12-03 17:50

    Couple things:

    1. your include file doesn't have the <?php ?> tags, so the content will not be evaluated as PHP

    2. Session_start must be called before you start outputting anything. Is that the case?

    0 讨论(0)
  • 离开以前
    2020-12-03 17:51

    you need declare $_SESSION['id'] :

    file1.php

    session_start();

$_SESSION['id'] = '123'

    file2.php

    include 'file1.php'

if(isset($_SESSION['id']))
{

}
else
{
  header("location:index.php");
}
    0 讨论(0)
  • 执笔经年
    2020-12-03 17:55

    You still don't even answer where you SET $_SESSION['id']. $pid = $_SESSION['id'] does not set the session variable. session_start() comes before ANYTHING session related, it's not shown before your include.

    0 讨论(0)
 看不清?
提交回复
热议问题