Problem with session

**nati** · Jan 24, 2009 19:33

Hello everybody,

I have weird situation with starting session on my site. Locally, everything works fine, but on remote server, when I try to login, session is not started. Actually, when I put a message to see session id, it was not empty, but $_SESSION variables are empty.

Here is my code:

Code:

<?php session_start();
session_regenerate_id();
$logovan = $_GET['ime'];
$proizvod = $_GET['proizv'];
  if ($logovan != '')
  {
  $_SESSION['sesija_sesname'] = session_id();
  $_SESSION['sesija_loguser'] = $logovan;
  $_SESSION['sesija_tekuca_kat'] = 0; 
  $_SESSION['sesija_artikal'] = $proizvod;
  $_SESSION['sesija_korpa'] = ''; 
  $_SESSION['sesija_ukupna_cena'] = 0;
  $_SESSION['sesija_ukupno_artikala'] = 0;
  if ($proizvod == '')
  {go page1}
  else
  {go page2}

  }
?>

Any help would be apriciated.

Tnx in advance,
Nati

**crmalibu** · Jan 25, 2009 00:25

Turn up error reporting

PHP Code:


<?php

// top of script

ini_set('display_errors', 1);

error_reporting(E_ALL);

As far as {go page1} goes, is this a redirect, or an include? Provide details.

**nati** · Jan 25, 2009 06:32

Two lines of my code "go page1" and "go page2" should be header commands for going on certain pages depending on condition, but SitePoint didn't allow me to post links

.

I put a code for error reporting and nothing happend, no errors at all.

I still don't understand why session variables are empty.

**nati** · Jan 25, 2009 06:52

Hi again,

I've added two echo commands (with error reporting), to see if I'll get some information.

Here is my new code:

PHP Code:


<?php

ini_set('display_errors', 1); 

error_reporting(E_ALL);  

session_start();

session_regenerate_id();

$logovan = $_GET['ime'];

$proizvod = $_GET['proizv'];

  if ($logovan != '')

  {

  $_SESSION['sesija_sesname'] = session_id();

  echo "Session id: ".session_id();

  echo "Variable session is: ".$sesija_sesname;

  $_SESSION['sesija_loguser'] = $logovan;

  $_SESSION['sesija_tekuca_kat'] = 0; 

  $_SESSION['sesija_artikal'] = $proizvod;

  $_SESSION['sesija_korpa'] = ''; 

  $_SESSION['sesija_ukupna_cena'] = 0;

  $_SESSION['sesija_ukupno_artikala'] = 0;

  if ($proizvod == '')

  {header('Location: index.php');}

  else

  {header('Location: detail.php');}

  }

?>

And what I get is:

Session id: b5fabfc37ac58788f89641fb28db0ffb
Notice: Undefined variable: sesija_sesname in /home/fuzzy/domains/djordjeweb.nl/public_html/compshop/sesija.php on line 12
Variable session is:
Warning: Cannot modify header information - headers already sent by (output started at /home/fuzzy/domains/djordjeweb.nl/public_html/compshop/sesija.php:11) in /home/fuzzy/domains/djordjeweb.nl/public_html/compshop/sesija.php on line 20

Header warning is because of echo command, so it doesn't metter.

What is important is that session_id exists, but $_SESSION variables are empty.

Any conclusion?

Tnx,
Nati

**nati** · Jan 25, 2009 07:47

Here I am one more time

.

I found what made my session didn't work, but I still don't understand why

.

Firstly I've changed a line of code in my previous post:

PHP Code:


echo "Variable session is: ".$sesija_sesname;

With next line:

PHP Code:


echo "Variable session is: ".$_SESSION['sesija_sesname'];

And I've got a session variable is not empty. Then I made changes to other pages which use session variables and wrote $_SESSION['blabla'] instead of $blabla and now it works!

What I am confused about is that I thought (obviously wrong

) session variables should be declared as $_SESSION['blabla'] once and lately could be referenced to as $blabla. That worked fine at my local enviroment.

What can cause that works in one enviroment and doesn't work in another?
And what is correct way to do?

Tnx a lot!
Nati

**crmalibu** · Jan 25, 2009 09:13

when register_globals is on, $_SESSION['blabla'] and $blabla behave as the same variable. Changing one changes the other.

**nati** · Jan 25, 2009 09:24

So, as I don't have access to php.ini on remote server and I don't know if register_globals is on or off, it's clear I should always use $_SESSION['blabla'].

Tnx for help

!
Nati

**Jake Arkinstall** · Jan 25, 2009 12:07

Correct.

Please turn off Register_Globals on your sever; for your sake.

**frank1** · Jan 25, 2009 23:27

i have a pages which is hit by around 100 user at a given instance..
is it ideal to use...
session_regenerate_id();
blindly as done in this script..
what will be its effects to the server performance...

ok it may step to mitigate session hijacking but...

**Latox** · Jan 26, 2009 02:27

You don't need server access to turn off RegisterGlobals.

You can do it serverside by editing .htaccess -

Code:

php_flag register_globals 0

<-- IF THAT DOESN'T WORK -->

Code:

php_flag register_globals off

Add that to your htaccess file.

Also, if your SESSION variables are empty, check it is getting the info from the URL.

PHP Code:


<? echo $proizvod; ?>

User Tag List

Thread: Problem with session

Thread Tools

Display

Problem with session

Bookmarks

Bookmarks

Posting Permissions