Good day,
I have a nifty issue with my PHP session. The biggest of it actually that it is working most of the time. But there are moments it is not.
I have sort of a CMS system that works as following:
(first page) https://www.example.com/
(second page) https://www.example.com/stackoverflow-cool-site.html
(third page) https://www.example.com/houston-we-have-a-problem/what-problem-do-you-have.html
Now I have tried to set a SESSION variable at the hand of a GET param at the main page so that if the session has been set the third page can use it. E.g.:
htts://www.example.com?set=good_weather
Now the SESSION ID set for the first page is qavuaadh6l0b9qhmrv9unr0chc But I notice that the other pages give : 2gmdggiv9k43khtsikm2eo1rvh
And of course the Session ID can be anything and that's not so much of an issue. But it is that it's a different SESSION ID.
Now this question has come up before! And the answer has been, session_set_cookie_params https://www.php.net/manual/en/function.session-set-cookie-params.php
However, I have done this already. And in proper order. But probably not quite as I am supposed to. And I am really wondering where my problem is.
session_set_cookie_params(
self::$limit, /// **** LIFETIME OF THE SESSION COOKIE (in seconds)
self::$path, /// **** THE DOMAIN FOR WHERE THE COOKIE WILL WORK. (single / for all paths on the domain.)
self::$domain, /// **** DEFINE THE DOMAIN NAME
self::$secure, /// **** ONLY BY SECURE CONNECTIONS
self::$httponly /// **** INDICATE THAT THE SESSION COOKIE IS AVAILABLE THROUGH HTTP PROTOCOLS ONLY (not by Javascript)
);
And if you fill out the variable values you get :
session_set_cookie_params(
432000,
'/',
'example.com',
true,
true
);
For what I can see and understand this should be correct. But it isn't. I hope someone could shed light on my mistake.
Thanks in advance.
HTTPS I am accessing the site over HTTPS and every call I made to the set scripts are by HTTPS only.
Script I have all calls routed to the very same script. I am using a .htaccess script to make it all work.
DirectoryIndex core/index.php
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ core/index.php?url=$1 [QSA,L]
</IfModule>