PHP session variables not being maintaned

Question

I have an application that has been working with session variables no problem. I start the session before the headers on every page that uses when, it has been fine then it seems all of a sudden I'm getting an undefined index error when I navigate to a page other than the one that sets up the session variables. But only on some browsers. Sometimes sessions are maintained and sometimes they aren't.

It seems that cookies aren't being stored some of the time. I've done checks using different browsers and sometimes cookies are stored and sometimes not.

I did an experiment. I was using firefox to use to app and I was keeping an eye on the tmp folder where the sessions are stored. I cleaned it out. Using firefox I started using the app, using all the pages that sessions were in use and at the end I checked the tmp folder and it had one session file in there.

Did the exact same with internet explorer and there are now 7 different session files.

I'm using PHP 5.3.0 with the WAMP stack. Apache 2.2.11. Session support is enabled in my phpinfo().

I call a var dump on the first page and it prints out the session data. On any subsequent pages the session variable is empty.

<?php var_dump($_SESSION); ?>

array(0){}

Can anyone help me figure out a solution to this?

UPDATE - PHP INI SESSION settings

Directive        Local Value     Master Value
session.auto_start Off           Off 
session.bug_compat_42 On         On 
session.bug_compat_warn On       On 
session.cache_expire 180         180 
session.cache_limiter nocache    nocache 
session.cookie_domain 82.68.26.169   82.68.26.169 
session.cookie_httponly Off      Off 
session.cookie_lifetime 0        0 
session.cookie_path /            / 
session.cookie_secure Off        Off 
session.entropy_file no value    no value 
session.entropy_length 0         0 
session.gc_divisor 1000 1000 
session.gc_maxlifetime 1440      1440 
session.gc_probability 1         1 
session.hash_bits_per_character 5 5 
session.hash_function 0 0 
session.name PHPSESSID           PHPSESSID 
session.referer_check no value   no value 
session.save_handler files       files 
session.save_path c:/wamp/tmp    c:/wamp/tmp 
session.serialize_handler php    php 
session.use_cookies On           On 
session.use_only_cookies On      On 
session.use_trans_sid 0          0 

UPDATE - Solution

Because my app was using iframes pulling in pages from another domain (which i created) the cookies i was trying to set were being blocked. Setup a P3P header and the problem seems to be solved!

Answer 1

My suggestion from your previous question still stands: please compare session ids.

The solution might be as simple as your browser not accepting session cookies.

You retrieve the session id by calling session_id(). Do that right after session_start() it should give you a constant value if the session is the same. Otherwise for every request a new session is instantiated.

Also check C:\wamp\tmp. A gazillion files in this directory might indicate fresh sessions for each request.

EDIT Since we've confirmed new sessions per request, it's time to find out whether session cookies are accepted. Check the settings of your browser and confirm that a cookie for your domain (I guess it's "localhost") with the name PHPSESSID can be found.

Answer 2

Do you call session_start() on every page that accesses session data?

Edit: And do you receive the same session ID every time?
Also, could there be some error or warning you're missing (e.g. headers already sent) due to settings?

Answer 3

here is the sense in

while( $row = sqlsrv_fetch_array( $stmt, SQLSRV_FETCH_ASSOC))
{
  $_SESSION['saveddata'] = $row;
}

it rewrites $_SESSION['saveddata'] value on each iteration. may be you meant something like

 $_SESSION['saveddata'][] = $row;

it makes sense for $atid = $_SESSION['saveddata']['autotaskid'];

Answer 4

Review your session settings. You have a full list with:

<?php

phpinfo();

?>

Scroll down to the "Session" table.

Particularly, make sure that the session.save_path directory exists and is writeable.

Answer 5

When a new session ID is created with each request, most likely it is an issue with your session paths (save_path and cookie_path) and chances of this happening are greater if you're hosting different applications on one server (shared hosting) and some of these applications also implement sessions. This results in conflicts in your /tmp directory. You could change the config of your ini file, but it's best to configure these parameters during runtime.

session_set_cookie_params(0, "/app", ".domain.com");//set session cookie parameters
session_save_path("/home/../public_html/app/sess");//set directory of this app's session data
session_start();//start session

I hope that helps everyone having this issue. #CodeOn

Answer 6

I solved this problem on my local WAMP by clearing out the \tmp directory of old sessions.