I have a rather strange problem; there are three pages which are using this cookie - one sets $_SESSION = 0 (as another Stack article suggested my issue might be related to PHP having difficulties with timings so 'pre-creating' the session, then writing to it might help), another file starts the session, changes the session cookie to an array with some useful data in it and supposedly saves it. Only, in this file the session will never actually get written to disk... On the third page, I will try and access the cookie and get an output of '0' (first page).
I've spent a lot of time debugging this and have checked:
- That
session_startandsession_write_closeare being used appropriately. - That PHP.ini is set up correctly, with a writable storage path (/tmp)
- That PHP is actually using this storage path!
- And I've also sat there comparing cookie ID's in browser and on the server to work out when sessions are and are not being created.
I don't see an issue in my code, and as other pages are able to use the session correctly (pages 1 and 3), it is only page 2 which is having an issue.
This is my debugging output from page two, showing the array I tried to write plus the fact that PHP doesn't seem to know what the session ID is, but there are no errors when I call session_start?
bool(true)
session id:
session file: /tmp/sess_ does not existarray(3) {
["user"]=>
string(5) "kevin"
["time"]=>
int(1472646292)
["ip"]=>
string(13) "178.62.20.247"
}
array(1) {
["oscar"]=>
string(26) "9h8c8fgkscitc7l3m7t18f37u2"
}
And the pertinant code from page two:
<?php
//error reporting
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
//session starts
session_name("oscar");
var_dump(session_start());
session_regenerate_id();
if (! is_writable(session_save_path())) { throw new \Exception( session_save_path() . ' NOT WRITABLE!'); }
$_SESSION['user'] = $_POST['username'];
$_SESSION['time'] = time();
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
echo '<pre>';
echo 'session id: ', session_id(), "
";
$sessionfile = ini_get('session.save_path') . '/' . 'sess_'.session_id();
echo 'session file: ', $sessionfile, ' ';
if ( file_exists($sessionfile) ) {
echo 'size: ', filesize($sessionfile), "
";
echo '# ', file_get_contents($sessionfile), ' #';
}
else {
echo ' does not exist';
}
var_dump($_SESSION);
var_dump($_COOKIE);
echo "</pre>
";
session_write_close();
exit();
?>
The output of var_dump(session_start()); is
bool(true)
And if you refresh the page, the output of $_COOKIE changes (as the session ID is changed).
Thank you for any help - I hope I'm not being stupid. I've made a lot of effort debugging this.
EDIT:
This now appears to be an issue with where scripts are in the filesystem.
All the files are loaded through one index.php - the ones that don't update sessions (don't work) are located in api/filename.php, whilst, ones that do work are located in ../server/includes/admin/filename.php. (Nb. those paths are relative to index.php)
System: Ubuntu Server 16.04 PHP7 Apache2
