SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Enthusiast
    Join Date
    Mar 2010
    Location
    Surrey, UK
    Posts
    81
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Problem with cookies/sessions and folders

    Hi,

    One of my sites that uses cookies and sessions for user logins has been working fine for years but has recently started to be a bit weird. There's a login form on the homepage which works fine, and once you're logged in you remain logged in for all root pages but as soon as you go to /store/, you're logged out and are taken to /store/login.php (a separate login page within the store which does the same thing as the main login).

    At this point, if you go back to the homepage you're no longer logged in there either. However, if you log in to the store you remain logged in at the store but not at the root.

    I've had a look at the cookies that are set and when first arriving at the site, AND after logging in at the homepage AND after logging in to the store, there are always 2, both called PHPSESSID with the same value, the only difference being that one is for .site.co.uk and the other for www.site.co.uk. Both have their path set to /

    I've also looked at $_SESSION and after logging in at the homepage then going to /store/ (but before being redirected to login.php) the session is empty, yet the PHPSESSID cookie is still set to the same value it was initially. So is it more an issue with sessions rather than cookies?

    What's confusing me is that everything used to work fine and I've not made any changes, so I'm thinking it's possibly a PHP configuration issue, as the site has moved server recently (and also moved from PHP4 to PHP5).

    Anyone got any ideas? Any help would be much appreciated!

  2. #2
    SitePoint Enthusiast
    Join Date
    Mar 2010
    Location
    Surrey, UK
    Posts
    81
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Update: I've just tried a simple test with the following code:

    PHP Code:
    <?php
    session_name
    ('mmsession');
    session_set_cookie_params (6000'/');
    session_start();
    $_SESSION['test'] = 'blah';
    print_r($_COOKIE);
    print_r($_SESSION);
    ?>
    Opening and reloading this page gives:

    Code:
    Array
    (
        [mmsession] => 38d5571188e1ef11f086aee0daf2aeed
    )
    Array
    (
        [test] => blah
    )
    Then, running the same code within a subfolder without setting the 'test' session gives:

    Code:
    Array
    (
        [mmsession] => 38d5571188e1ef11f086aee0daf2aeed
    )
    Array
    (
    )
    whereas the result should be the same for both (I've tested it on a different server and it's fine). All of which makes me think it's even more likely to be a configuration issue somewhere.
    Martin.

  3. #3
    SitePoint Enthusiast
    Join Date
    Mar 2010
    Location
    Surrey, UK
    Posts
    81
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Looks like it's an issue with Suhosin - when I disable it the cookies/sessions work fine. I've tried changing a few settings but nothing's worked so far so I've disabled it for the time being until I can work out what the solution is.
    Martin.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •