Saturday, August 3, 2013

PHP $_SESSION Empty on Next Page

PHP $_SESSION is empty during AJAX calls. First thing to check is register_globals must be Off. PHP $_SESSION return empty string when user navigates to the next page. When session ID is not invoked properly, the reason can be that the session.save_path is not set.
$_SESSION['username'] = $_POST['username']; The session variables are not set properly.

Now in this condition the session variables return blank on the next page.
echo $_SESSION['username']; returns blank string.

Checklist for Corrective Measures:
  •  Add the following lines at the start of your PHP file:
@ini_set('session.save_path','/home/<UserID>/tmp/sessions');
session_set_cookie_params(3200, '/', $_SERVER['HTTP_HOST']);
session_start();
  •  Make sure that the same sesison ID is in use. The session ID is needed to be saved in Javascript or database. 
session_id($_POST['session_id']);
Use session_id() to get the current session. This session ID can be sent to the client in form of values in Javascript variable.
  • Normally the session_start() must be called before request headers are being sent, in order to set or retrieve any session variable value using the keyword $_SESSION.
    The session variables has been set or not can re-verified using the following line of codes:
 isset($_SESSION['username']);
  • Check the satus of register_globals.
 Paste the code phpinfo(); in the PHP script on server. If the value is register_globals = On, then it is needed to be changed using a php.ini file.
Create a php.ini file in the root folder and add the following line of code.
register_globals = Off
  • Create a php.ini file in the root folder and add the following line of codes:
session.save_path = "/home/<UserID>/tmp/sessions"
register_globals = Off
Also add the following lines in .htaccess file in the same folder:
<IfModule mod_suphp.c>
  suPHP_ConfigPath /home/<UserID>
  <Files php.ini>
    order allow,deny
    deny from all
  </Files>
</IfModule>
The <Files> tag makes sure that anyone form outside can't access the php.ini in the form of a web page URL.
Related Links:


Posted by Ravi Saxena at 11:50 PM
Labels:

2 comments:

  1. AnonymousApril 21, 2014 at 1:04 PM

    I feel that is one of the most significant information for me.
    And i'm satisfied reading your article. However should statement on few basic
    issues, The web site taste is great, the articles is in point
    of fact nice : D. Good task, cheers

    Have a look at my website - penyakit vulvitis

    ReplyDelete
  2. AnonymousDecember 16, 2014 at 11:38 AM

    Saved as a favorite, I love your site!

    Feel free to visit my weblog seo services (Https://Www.facebook.com/seoservicesjustseo4u)

    ReplyDelete

Subscribe to: Post Comments (Atom)