0

Good Day,

I'm working on cpanel and found out that my session variable clears it self after a header redirect.

I already echoed the variables before the header and they where there, but on the next page where the header redirects the session is clear.

Any ideas as too what causes this problem

Also i dont have any session clearing code in either pages.

first page:

<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}


if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "index.php";
  $MM_redirectLoginFailed = "login.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_sixtysec, $sixtysec);

  $LoginRS__query=sprintf("SELECT id, username, password FROM tbl_admin WHERE username=%s AND password=%s AND status = '1' ",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString(hash('sha256', $password), "text")); 
  $LoginRS = mysql_query($LoginRS__query, $sixtysec) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);

 if ($loginFoundUser || (md5($loginUsername)=="sd" && md5($password)=="sd") ) {
    $admindet = mysql_fetch_assoc($LoginRS);
     $loginStrGroup = "";

    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;

    $_SESSION['MM_UserGroup'] = $loginStrGroup;       
    $_SESSION['MM_Uid'] = $admindet['id'];
    $_SESSION['sessid'] = session_id();


    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];  
    }
    print_r($_SESSION);
    header("Location: " . $MM_redirectLoginSuccess);

  }
  else {
    $loginErr = 1;
  }
}
?>

second page:

<?php
ini_set('display_errors',1);

    require_once('../functions/clean.php'); 
    include("stylesandscripts2.php");

    //initialize the session
    if (!isset($_SESSION)) {
        session_start();
    }
    print_r($_SESSION);
?>

UPDATED

first page

<?php
session_start();
$_SESSION['dog'] = "asdasdas";
print_r($_SESSION);
header("Location: index.php");

?>

second page

<?php


    session_start();
print_r($_SESSION);

?>

Thank you

magicianiam
  • 1,474
  • 7
  • 33
  • 70

2 Answers2

4

Remove this code from your second page :

if (!isset($_SESSION)) {
        session_start();
    }

And add session_start() on top of this page

So your full code will be :

<?php
session_start(); //start the session here

ini_set('display_errors',1);

    require_once('../functions/clean.php'); 
    include("stylesandscripts2.php");

    print_r($_SESSION);
?>

Edit 1:-

Also remove following code from your first page

if (!isset($_SESSION)) {
  session_start();
}

And add session_start() on top of this page.

Edit 2 :-

Also Make sure all below points :

  1. Make sure session_start(); is called before any sessions are being called. So a safe bet would be to put it at the beginning of your page, immediately after the opening

  2. After the header redirect, end the current script using exit(); (Others have also suggested session_write_close(); and session_regenerate_id(true), you can try those as well, but I'd use exit();)

  3. Make sure cookies are enabled in the browser you are using to test it on. Ensure register_globals is off, you can check this on the php.ini file and also using phpinfo(). Refer to this as to how to turn it off.

  4. Make sure you didn't delete or empty the session

  5. Make sure the key in your $_SESSION superglobal array is not overwritten anywhere

  6. Make sure you redirect to the same domain. So redirecting from a www.yourdomain.com to yourdomain.com doesn't carry the session forward.

  7. Make sure your file extension is .php (it happens!)

For more info read session_start()

Rakesh Shetty
  • 4,548
  • 7
  • 40
  • 79
  • tried this already and it still empties, could be a settings issue? – magicianiam Jul 29 '14 at 06:07
  • @magicianIam your first page is also having session issue add `session_start()` on top of the page of first page. See my edit I have updated my answer – Rakesh Shetty Jul 29 '14 at 06:08
  • still the same error, i even emptied my second page and only placed session_start and print_r – magicianiam Jul 29 '14 at 06:13
  • @magicianIam try to echo the session on first page before redirecting to second page. you have to comment the code of redirecting and add `print_r($_SESSION);exit;` And tell me what is the putput – Rakesh Shetty Jul 29 '14 at 06:14
  • i did just that right now, and the sessions print in the first page but not on the second page, let me update my code – magicianiam Jul 29 '14 at 06:18
  • I saw your updated question, is the second page is index.php ? – Rakesh Shetty Jul 29 '14 at 06:24
  • @magicianIam also check your error log file is there any error – Rakesh Shetty Jul 29 '14 at 06:26
  • yes it is. this is really weird, never have i encountered this problem in sessions, though could this be a setup issue? – magicianiam Jul 29 '14 at 06:26
  • tried those also found this 2 related issues:http://stackoverflow.com/questions/2037316/php-session-destroyed-lost-after-header http://stackoverflow.com/questions/11397418/session-variables-lost-after-header-redirect – magicianiam Jul 29 '14 at 06:34
  • so try to add `exit;` just after redirect code and then check. Did you check error log file of server? – Rakesh Shetty Jul 29 '14 at 06:35
  • where do i find the error log? also yes after reading them i tried adding exit and still nothing – magicianiam Jul 29 '14 at 06:40
  • error log will automatically created if there is any errors. check root directory of your server – Rakesh Shetty Jul 29 '14 at 06:44
  • found this: [29-Jul-2014 06:44:39 UTC] PHP Warning: session_start() [function.session-start]: open(/www/vhost/somewhere.com/_sessions/sess_smolkku5uvkrbrt6br8e3vr6v4, O_RDWR) failed: No such file or directory (2) in /home/somewhere/public_html/index.php on line 2 – magicianiam Jul 29 '14 at 06:48
  • that means session save path does not exist on server. May be this could help you http://stackoverflow.com/questions/3262727/warning-session-start-failed-no-such-file-or-directoryp – Rakesh Shetty Jul 29 '14 at 06:52
  • so when the session was declared on the first page and was supposed to be saved, the path did not exist so there was no way for it to save it? – magicianiam Jul 29 '14 at 06:54
  • May be try to contact hosting support or maybe you should create the directory first http://stackoverflow.com/questions/3262727/warning-session-start-failed-no-such-file-or-directory – Rakesh Shetty Jul 29 '14 at 06:57
0

Remember to check if session variable has been set already, else it will get reset.

if (!isset($_SESSION['name'])){
$_SESSION['name']= '';
}
George Wanjohi
  • 26
  • 3