An internal server serves two different applications to users on our LAN:
https://10.0.0.100/app1/
https://10.0.0.100/app2/
Both apps are served by the same Apache config file, they are just in separate directories under public_html
. Both apps use PHP sessions, but they both prefix the $_SESSION
variables with their namespaces:
$_SESSION['app1_favorite_colour'] = 'Yellow';
$_SESSION['app2_quest'] = 'Agghhh!';
Despite this, users who are logged into app1
are not having their app2_
session data written to the session file on disk. Consider page1.php
:
<?php
/**
* App2
* /page1.php
*/
session_start();
$_SESSION['apps_been_here'] = 'Yes!';
echo "<a href='page2.php'>Clicky</a>";
?>
Then, on page2.php
:
<?php
/**
* App2
* /page2.php
*/
session_start();
echo "Have you been here: {$_SESSION['apps_been_here']}";
This does not print "yes" to the user if the user is logged into app1 as well! However, users who don't use app1 do see "yes" on page2.php
. Investigating, I opened the session files in /var/lib/php/session/
. I see only variables in that file that begin with the prefix app1_
and none that begin with app2_
for users who are logged into app1. Other users who are not logged into app1 do have variables what begin with app2_
in their session files!
I have checked with lsof
that the files are not locked and I have confirmed that there are no open browser windows running app1
pages in the browser. Why might the App2 session variables not be stored to the session file? There is plenty of free memory and hard drive space, and the CPU load is under 0.1 (as measured by uptime
). Theproblem happens for multiple users in multiple browsers (Firefox, Chrome). Clearing browser cookies and cache does not help.
I believe what you are doing should work but there is a better way to do it that may fix your problem in your case. Instead of prefixing your session keys with 'app1' or 'app2' just use the session_name() function before session_start() like:
session_name('app1');
session_start();
$_SESSION['been_here'] = 'Yes!';
...
You can also adjust the session cookie path with session_set_cookie_params() so both apps would be completely invisible to each other like: session_set_cookie_params(60*60*24*30, '/app1/');
For further troubleshooting you should examine everywhere you're using session_* functions and look at the session.* config options in your php.ini.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With