Menu
My script, test.php, is below. When I click on Submit, it processes this as a login attempt and successfully sets up $_SESSION variables. But when I reload the page (by clicking a link back to itself), $_SESSION is empty.
<?php
//test.php
session_start ();
function isUserLoggedIn (&$username)
{
$loggedIn = isset ($_SESSION['loggedin']);
if ($loggedIn)
$username = $_SESSION['user'];
else
$username = '';
return $loggedIn;
}
function processLogin ()
{
$_SESSION['loggedin'] = TRUE;
$_SESSION['user'] = "podunk";
session_write_close ();
}
echo '$_SESSION before we do anything..................: ';
print_r ($_SESSION);
echo "<br>";
if (isset($_POST['Submit'])) processLogin ();
$loggedIn = isUserLoggedIn ($username);
echo '$_SESSION after processing any login attempt: ';
print_r ($_SESSION);
echo "<br>";
if ($loggedIn)
echo "I AM LOGGED IN as $username!";
else
echo "I am logged out :(";
?>
<html>
<body>
<form name="form1" method="post" action="test.php">
<input type="submit" name="Submit" value="Login">
</form>
<a href="test.php">Reload page</a>
</body>
</html>
This is when I run it on my Linux apache2 server. When I run it on XAMPP, $_SESSION persists and the user remains logged in. So I am guessing it's something to do with php.ini... but maybe I've got a mistake here and XAMPP is being forgiving.
The Linux server is successfully running WordPress, so its setup can't be too strange. Just did a system upgrade, as recommended. The session.save_path exists and has something in it dated today, so I assume it's working, although it's owned by root not www-data, so IDK if that's an issue.
Here are some other things from php info. IDK about that cookie_path, so I changed it to the same place as session.save_path, FWIW.
session.auto_start On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_httponly Off Off
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
Behavior is the same using Chrome, Firefox, and IE.
TIA.
457
PHP $_SESSION is an associative array that contains all session variables. It is used to set and get session variable values.
They're generally stored on the server. Where they're stored is up to you as the developer. You can use the session. save_handler configuration variable and the session_set_save_handler to control how sessions get saved on the server.
PHP isset() FunctionThis function returns true if the variable exists and is not NULL, otherwise it returns false. Note: If multiple variables are supplied, then this function will return true only if all of the variables are set. Tip: A variable can be unset with the unset() function.
The flow of your script is basically this
start the session
run processLogin();
run isUserLoggedIn()
However, in your processLogin() you force the session to close using session_write_close() therefore when you get to isUserLoggedIn() and query the contents of the session (which is now closed) it looks like you are not logged in.
Try running the code without forcing the session to close.
I have to say I would have been asking why this appears to work on one of your environments!
162
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
