I have a client who is running a user management script. The host provider had blocked allow_url_fopen but is using suPHP so we created a local copy of php.ini with allow_url_fopen set to "on".
The only problem now is that you can no longer login to using the script - it says 'success logging you in' - then logs you right out (because the sessions are either not getting created or are in the wrong place - excuse my lack server knowledge).
Here are the settings in the local php.ini
upload_tmp_dir = "/home/aspac124/public_html/tmp"
register_globals = On
memory_limit = 256M
session.save_path = "/home/aspac124/public_html/tmp"
safe_mode = off
upload_max_filesize = 32M
allow_url_fopen = On
zend_extension = "/usr/local/IonCube/ioncube_loader_lin_5.3.so"
I'm not sure why the hosting provider turned register_globals on for the client. But is that the correct place for the session.save_path? I've checked and the folder exists and I also set it to 777 just to make sure but no happiness.
Another client using the same system had a similar issue and told me he changed the tmp/ folder to his home directory and everything was fine.
I've tried to put the save path as just /tmp, /home/aspac124/tmp and nothing happens - just get logged out as normal. If I make up a path then I get a "No such file or directory" error.
When I put it as "/home/tmp" I get the following message
Warning: session_start() [function.session-start]: open(/home/tmp/sess_4417d180e599b5f12fc34a28f5467d21, O_RDWR) failed: Permission denied (13) in /home/aspac124/public_html/domainnamehere.com/includes/lightwork_session.php on line 45
What does this mean, is the home/tmp the correct place for this and if so what should I do - should the folder permissions be changed?
edit: I don't have access to folders outside the domain root so cannot change the file permissions - have to wait for the client but would like as much info before then.
Thanks in advance
EDIT: Just for anyone reading this. Please make sure your local php.ini file settings are applied to any sub folder that may require it. I was making ajax requests to a file in a sub folder to the root and this was the issue.
