PHP Session won't update with AJAX

Any request will return a header code.

By default 200 OK is returned on every request that finishes running on the server, you dont need to send any output, its sent by default by the webserver.

The same if any “failure” happens, the according header is sent.

This is why you must make certain you send the correct failure headers on for example IPN scripts if there were a failure and you want the payment processor to send another request later (if the processor supports it of course).

If you dont mind, I am really interested in what web server/version that this was on as well as what browser/version we are talking about.


The server I am on is linux w/ php 5.2.6 @ The browsers that weren’t working were:

FF3 on Ubuntu 8.10
FF3 on Mac OSX current
Safari on Mac OSX current

All Windows browsers worked that I tested (FF3, Opera, IE, Chrome). I’m all for things working the way they are supposed to, but sometimes they dont… and I just try things until they do.

Is it running Apache, or do you a other application as the web server?

I know that my problem has nothing to do with the session handler because sessions are handled properly by my application without ajax. I also used a custom session handler that was in the sitepoint PHP Anthology book.

skunkbad, your solution is the only one I have not tried. It looks like that has a good chance of solving my problem. Unfortunately I get an error “http is not defined” when using the line:

<?php echo "http.setRequestHeader('Cookie','yourcookiename=" . session_id() . "');''; ?>

Any tips? Note that I changed “yourcookiename” using the value echoed by session_name().

Here is the ajax call that I use (after creating the URL, which works as expected when I copy it into the address bar. For some reason it does not work when called by javascript. I have a feeling this has to do with the client side storing a cookie which is not updated by ajax):

	// Create new JS element
	var jsel = document.createElement('SCRIPT');
	jsel.type = 'text/javascript';
	jsel.src = url;

	// Append JS element (therefore executing the 'AJAX' call)
	document.body.appendChild (jsel);

I find this is much more elegant than using an ActiveXObject as shown by rajug.

Yes, it is Apache

I am creating a request object called http, and that is why http is http. If your request object is named something other than http, then replace http with that name… I am not sure how you would do it if you aren’t creating a request object. Honestly, I fumble through AJAX, so I am not an expert by any means. I am only offering suggestions based on my experience.

Ok, just did a few tests myself with FF3 and Safari (Mac) but did not run into the issue you mentioned from here. It is possible this is caused by some settings / configuration on your host’s server.

Though always nice to know about possible issues/problems like this, as you never know what you will run into in the future. Ive seen too many times that a badly configured/setup server has caused problems that it takes hours to figure out why they happen.

Is it more “elegant”?

I strongly recommend that you actually learn what the term/abbreviation’s you use means before using them. While your at it, study up on the http specifications and they way they work as well.

First, what you use is not a “AJAX” call. While I dont like the term in general since the functionality was around years before people started to call it “AJAX” I do understand why people use it.

There is nothing Asyncron with the call you do, actually what you do is to include an “external javascript” into the browser. Depending how you do that there is several issues that can happen, including severe race conditions.

If you want to run something asyncron or even syncron for that matter, do it the correct way. It does not need to be complicated, the code you use decide that.

For example, here is a except from the manual on our internal JS framework on how to initiate and load a javascript request.

resource Kaizen.AJAX.Request ( string url, resource callbackFunc [, bool async [, string user, string pass]] )

void load ( string data [, string method [, array headers]] )

These two commands is all that is needed to initiate and run a javascript request. Everything else is handled automatically.

Back to your issue.

I mentioned it before, you DO NOT need to include the session id or the cookie with the request, as the cookie is sent with every request by default.

If your doing a cross domain request, there is many reasons for the fact that you have issues, but I do not believe this is what you try to do.

It is possible that you have a race condition happening here, you need to go over the code and find out what exactly happen when your request is being initiated. I.e. when is the so called “AJAX” request initiated, what else is happening during the same time etc.

If your still not able to sort it out, paste the entire code for both pages here and we might be able to spot the issue for you.


I’ve got an image of my phpinfo(), and you can see it here:

I think every server is different, and there is always a surprise awaiting me in regards to something not working on one server, but working on another. It does drive me nuts sometimes to figure out what is wrong with code that should work but doesn’t. It’s just part of the fun I guess.

While your problem might be something else, this is extremely poor logic. You making assumptions that things are working how you expect, and that you fully understand how things work, is the reason you have a problem. You need to debug. Check your assumptions. Sessions are not black magic, but few people understand how they work in detail.