By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,952 Members | 943 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,952 IT Pros & Developers. It's quick & easy.

PHP Session Resetting on 2nd Page

LacrosseB0ss
100+
P: 113
Hey folks;
I have PHP session variables that are having some troubles. I posted in a few other forums but couldn't really find one dedicated to my specific issue. I am using a few session variables throughout my website and am using the following two lines at the top of every session related page:

[php]
<?php
session_start();
$_SESSION['userID'] = ""; //initialization on first page used only
?>
[/php]

and then code elsewhere on the page. In every case, the session variable saves fine and works. UNTIL it swaps pages. When the 2nd page is loaded I was using "echo $_SESSION['<name>']" but in every case again, the $_SESSION variable loses the data that was set in code and reverts to whatever it was initialized to (using the above example: if the $_SESSION['userID'] saved "Bob123" on page 1, now it would have " " saved).

I had originally hardcoded values in to move on with development but now I need to get this working and am frustrated with the lack of help search engines and other resources have provided. Thanks in advance for any assistance any of you here in the community can provide.

- LB
Dec 13 '07 #1
Share this Question
Share on Google+
8 Replies


P: 41
Hey folks;
I have PHP session variables that are having some troubles. I posted in a few other forums but couldn't really find one dedicated to my specific issue. I am using a few session variables throughout my website and am using the following two lines at the top of every session related page:

[php]
<?php
session_start();
$_SESSION['userID'] = ""; //initialization on first page used only
?>
[/php]

and then code elsewhere on the page. In every case, the session variable saves fine and works. UNTIL it swaps pages. When the 2nd page is loaded I was using "echo $_SESSION['<name>']" but in every case again, the $_SESSION variable loses the data that was set in code and reverts to whatever it was initialized to (using the above example: if the $_SESSION['userID'] saved "Bob123" on page 1, now it would have " " saved).

I had originally hardcoded values in to move on with development but now I need to get this working and am frustrated with the lack of help search engines and other resources have provided. Thanks in advance for any assistance any of you here in the community can provide.

- LB
Please post a little bit more code, for example your second page. If the problem isn't your subsequent pages, then it is probably your php.ini settings.
Dec 14 '07 #2

LacrosseB0ss
100+
P: 113
I have 3 separate sections where Sessions are used. $_SESSION['userID'] for a user that logs in, $_SESSION['newPwd'] which is used when a user is setting a new password and finally $_SESSION['matchedIDs'] which comes from an XML file based on a search.

In each case the opening 2 lines of the page are:
[php]
<?php session_start();
//depending on the page, one of the next 3 lines
$_SESSION['userID'] = "User Not Found";
$_SESSION['newPwd'] = "";
$_SESSION['matchedIDs'] = "No Match Found";
?>
[/php]

Then in the code (last thing before the </head> tag in HTML). (again, depending on the page)
for User ID:
[php]
//snipet $member comes from a master XML file
if ($member->FirstName == $_POST['txtFName'] && $member->LastName == $_POST['txtLName'] && $member->Password == strtoupper($_POST['txtPwd']))
{
$_SESSION['userID']=$member->ID;
[/php]

for New Password:
[php]
if (isset($_POST['cmdChange']))
{
$newPwd = $_POST['txtNew'];
$_SESSION['newPwd'] = $newPwd;
}
[/php]

and finally for Matches:
[php]
//again, called from an XML file
function search()
...
//list of matches from user text boxes, matched to XML file
$matchedIDs = $matchedIDs . $member->ID . ", ";
...
return $matchedIDs;

//saved in
$_SESSION['matchedIDs'] = search();
[/php]

Now, all of this saves fine (I've checked with echo statements). However when I go to reference it on the next page, it is back to whatever the original value was (1st code block). This code for these pages is:
[php]
<?php session_start(); ?> //top of every page

//before the </head> tag - page specific
$member = simplexml_load_file('/cgi-bin/XML/' . $_SESSION['userID'] . '.xml'); //load XML file for logged in user
$IDs->$pwds->nodeValue = $_SESSION['newPwd']; //change password, update XML
echo $_SESSION['matchedIDs']; //search, temp testing for now
[/php]

Sorry all for the lengthy post and numerous code blocks. But there it is for you. Hope it helps and provides enough info. I'm trying to finish up the project and get it off my plate as soon as I can. Thanks everyone, and thanks to clai83.
- LB
Dec 14 '07 #3

LacrosseB0ss
100+
P: 113
oh yeah, and I am not the server owner so I don't have access to the php.ini file. Please tell me that's not the issue. Lie if you have to ...
Dec 14 '07 #4

P: 41
oh yeah, and I am not the server owner so I don't have access to the php.ini file. Please tell me that's not the issue. Lie if you have to ...
I don't see anything wrong with the code you posted that would affect your $_SESSION['user_id'] variable. I would do the following to check to see if the session is being properly stored.

1. echo the $_SESSION['user_id'] in the first and second page.
2. echo the session_id() to make sure that they are the same.
3. If the session id is not the same then for some reason a new session is being created somewhere.
a) Check the directory where session variables are stored (by default this is /tmp but it could be something else if your server has changed the setting). See if a session file with a matching id is stored in there.
4. Check the phpinfo() and check to see the session settings.
a) session.save_handler = files
b) session.use_cookies = 1
c) session.use_only_cookies = 1
d) session.name = PHPSESSID
pay close attention to the PHP session garbage collector
If these settings put a high probability of deleting your session
data, that may be a reason too, why the session data is disappearing though I doubt this but check it anyway. This is my setting.

session.gc_probability = 1
session.gc_divisor = 1000

5. For testing purposes echo out all your globals to see how data is being propagated. might find something useful there.

6. If all else fails try to manually propagate your session in the URL in a test page and see if the session data keeps.

I'm sorry if I'm being abstract on my possible solutions, I just don't see any thing yet in your code that can cause it to reset to " ".

hopefully this is of some help
Dec 14 '07 #5

LacrosseB0ss
100+
P: 113
thanks again. Yeah, I couldn't see anything in the code either that would be causing any of these problems. Hence me coming here. Except that I have only been using PHP full time for about 3 months.

Clarification: If I'm using a session variable, do I need session_start() at the top of EVERY page? When I originally heard this, I assumed that would create a new session each time. Is there not a session_continue? Or is it not implied (as with ASP) until session_destroy();

I'll investigate your suggestions. Problem being I will need to contact the server owner. As previously mentioned, I don't have access to the server settings (that I know of). The project was thrown together super quick by the sponsors and they got server space for REAL cheap off someone they knew. Ideally, the server would be my baby and I could control what my php did.

Oh well, c'est la vie. thanks again. I'll e-mail our guy and post back.
Dec 15 '07 #6

P: 41
thanks again. Yeah, I couldn't see anything in the code either that would be causing any of these problems. Hence me coming here. Except that I have only been using PHP full time for about 3 months.

Clarification: If I'm using a session variable, do I need session_start() at the top of EVERY page? When I originally heard this, I assumed that would create a new session each time. Is there not a session_continue? Or is it not implied (as with ASP) until session_destroy();

I'll investigate your suggestions. Problem being I will need to contact the server owner. As previously mentioned, I don't have access to the server settings (that I know of). The project was thrown together super quick by the sponsors and they got server space for REAL cheap off someone they knew. Ideally, the server would be my baby and I could control what my php did.

Oh well, c'est la vie. thanks again. I'll e-mail our guy and post back.
^_^ you do need to session_start() on top of every page. You would think that this would restart a new session, but it doesn't. Basically PHP will do all the background work to see if the user has a cookie (if you are using that method) that has a php session id that matches a session that is currently being stored. If there is a match then all your session variables are stored in the $_SESSION super global

hopefully this is the answer
Dec 15 '07 #7

LacrosseB0ss
100+
P: 113
it does help explain why session_start() goes on every page. Still haven't had a chance to look at the solutions above yet. But when I do, as mentioned I'll report back. By the sounds of what you're talking about it could be different session IDs which could suck.

I've also been reading about session_register(); what does that do? And how does HTTP_SESSION_VAR something like that differ from $_SESSION (which I've seen around). I'm led to believe HTTP whatever it is more of a legacy coding concept replaced by the $_SESSION global.

Again, sorry for basic questions, I'm VERY new at this. Thanks for all the help.
- LB
Dec 16 '07 #8

P: 41
it does help explain why session_start() goes on every page. Still haven't had a chance to look at the solutions above yet. But when I do, as mentioned I'll report back. By the sounds of what you're talking about it could be different session IDs which could suck.

I've also been reading about session_register(); what does that do? And how does HTTP_SESSION_VAR something like that differ from $_SESSION (which I've seen around). I'm led to believe HTTP whatever it is more of a legacy coding concept replaced by the $_SESSION global.

Again, sorry for basic questions, I'm VERY new at this. Thanks for all the help.
- LB
Yes HTTP_SESSION_VARS is deprecated. Same thing though.

session_register() is a deprecated way of registering new session variables. Just use $_SESSION superglobal for all your session needs.

1. Make sure you allow cookies on your browser when you are testing your script. If the session cookie is not stored properly on your side then the session_start will always bring up a new session.

2. While you are testing your code check the cookie stored on your computer and make sure that the cookie php session id matches the current session you are working with. Just do a quick echo session_id().

3. Even if you are not the server owner, if your server allows htaccess overrides then you can set your own phpini settings using that. Google 'phpini htaccess' and there are a bunch of pages that will show you how.

4. There is also a ini_set function that you can use to set phpini settings through your script. I'm not completely sure about the scope of this function. You may want to consult php.net manual for more details.

In any case do a small test on your server.

For example

PAGE 1
[PHP]
<?php
session_start();
$_SESSION["testvar"] = "testing";
echo session_id()."<br />";
?>

<html>
<head><title>Page 1</title></head>
<body>
<p>
<a href="page2.php" title="Page 2">Page 2 Link</a>
</p>
</body>
</html>
[/PHP]

PAGE 2
[PHP]
<?php
session_start();
echo $_SESSION["testvar"]."<br />";
echo session_id()."<br />";
?>
[/PHP]

If there are matching session IDs and if your testvar displays right then there is something wrong with your code or the server PHP settings.

Also, remember to put session_start() at the top of your script (before you start displaying things in HTML) otherwise that may also be a reason why your session vars are disappearing.
Dec 16 '07 #9

Post your reply

Sign in to post your reply or Sign up for a free account.