$_SESSION is empty after redirecting

Question

i have a little problem in my code. I am trying to store some variables in my session after a user has logged in and then i want to redirect the user to another site. I have replaced the correct variables with some testvalues, but can not figure out why this does not work.

the code of the login site is:

require_once ('SecureSessionHandler.class.php');

$session = new SecureSessionHandler('abcd');
$session->start();
$session->put("test", "test");
print_r($_SESSION);

if(isset($_POST['login']))
{
    //check User

    //login
    $session->put("userlogin", 1);
    header("location: index.php");
    exit();
}

echo "<form action ='' method='POST'>";

echo "<label for='username'>Name: </label>";
echo "<input type='text' name='username'><br>";

echo "<label for='passwort'>Passwort: </label>";
echo "<input type='password' name='passwort'><br>";

echo "<input type='submit' name='login' value='Anmelden'>";

echo "</form>";

The print_r($_SESSION) works just fine here, it displays "Array ( [test] => test )".

The code of the second site is:

<?php
require_once 'SecureSessionHandler.class.php';
$session = new SecureSessionHandler('abcd');
$session->start();

//some stuff that is not relevant here

//check login
$userlogin = $session->get('userlogin');
print_r($_SESSION);
echo "<br>";

if($userlogin == 1)
{
    //do stuff
}

Here the print_r($_SESSION) displays "Array ( )".

I have no idea why this is the case. I would really appreciate any help you guys can give me.

Remove $session = new SecureSessionHandler('abcd'); line it will create new session with unset priviously updated session. — Domain, Mar 07 '16 at 10:23
Hi WisdmLabs, this runs into "Fatal error: Call to a member function start() on a non-object", the result is the same when i try the normal session_start(). — Steffen Riek, Mar 07 '16 at 10:35
Remove this line also and check it and let me know if you have any issue. — Domain, Mar 07 '16 at 10:38
FYI: A `Location` header requires an absolute URI, per definition. — CBroe, Mar 07 '16 at 10:38
Refer this link http://php.net/manual/en/function.session-start.php for session. — Domain, Mar 07 '16 at 10:40
Okay, so I replaced all the functions from SecureSessionHandler with php-standard functions, still the same result. The session is empty after the redirect. Giving an absolute URI has the same effect. — Steffen Riek, Mar 07 '16 at 10:47
What are the domains the two sites are on? Are both sites hosted on the same server? Does it work if you use normal sessions rather than your SecureSessionHandler? If the custom session handler is relevant please include the code. — Eborbob, Mar 07 '16 at 10:49
The sites are on a local server wich i access via IP at the moment. The IP is 192.168.69.11. Both sites are on this server and even in the same directory. Using normal sessions rather than SecureSessionHandler also does not work, it leaves me with the same problem. — Steffen Riek, Mar 07 '16 at 10:53

score 0 · Answer 1 · answered Mar 07 '16 at 11:25

Okay,

so I do not know why this is now running as intended. My admin had me do some security updates and a hardware reboot and afterwards it just works with standard php session functions and with my SecureSessionHandler functions.

I suppose something had crashed or blocked access to a file that was needed.

But none the less, thank you for your help.

$_SESSION is empty after redirecting

1 Answers1

Linked