Ben Everard
Ben Everard

Reputation: 13804

PHP session destroyed / lost after header

I've got a script that sets some session values before redirecting to / using header().

I've read many posts about the $_SESSION variable being destroyed / lost after header(), even after I implemented this:

// set session here

session_regenerate_id(true);
session_write_close();
header("Location: /");

session_start() is set in the correct places, does anyone know of anything that I might be missing?

On the index.php page I have this:

session_start();
print_r($_SESSION);

// outputs nothing :'(

The code is pretty complex so will not post it all, just snippets.

Upvotes: 16

Views: 42025

Answers (9)

Hakan
Hakan

Reputation: 623

$_SESSION["feedback"]="Bla bla sth";
header('location:'.srv.'feedback');

Session is destroyed after header location redirect in Chrome. But everything works well in Firefox. In chrome, in incognito mode(private window) everything works well too.

I think it is browser based problem about caching. As a developer you tried many times and chrome is cached something.

Upvotes: 0

BsHr Алвани
BsHr Алвани

Reputation: 45

I had the same problem, I found that using a function related to Session helps to ensure if you started a session or not

if(session_status == PHP_SESSION_NONE)
   session_start();

Upvotes: -2

PMekuli
PMekuli

Reputation: 150

One possible option that was not mention here and happened to me is that I was creating another session. When you're using session in php you can use only one session at a time. If you create a new session the old one is lost. This is more likely to happen when you create a session for login and maybe you want another session for something else(It's not that recommended anyway). My case was a flash() method which I used to create a session only once a post was added/updated/deleted. And use that session in the views to display a message then destroy it. Every time I created a new session while adding/updating/deleting the other session that I used for login was destroyed. This is not something that happens to often but it's possible.

Upvotes: 0

Shivaram Mahapatro
Shivaram Mahapatro

Reputation: 125

You don't need to start session_start() in each page. cuz untill your browser is closed the same session remains for the entire path you have specified in php.ini

Upvotes: -4

vivek goyal
vivek goyal

Reputation: 41

After the Header redirect you need to exit the PHP script:

header("Location: /");
exit();

Upvotes: 4

streetparade
streetparade

Reputation: 32918

header must be sent before session close

session_regenerate_id(true);

header("Location: /");
// the header must be sent before session close
session_write_close(); // here you could also use exit();

Upvotes: 5

junaid
junaid

Reputation: 41

just put exit; after header :D I solved by this

Upvotes: 4

Ben Everard
Ben Everard

Reputation: 13804

In the interest of closing this question, we had concluded it was a problem with the server configuration, not surprising considering the host is well known for this kind of thing.

Upvotes: 4

John Parker
John Parker

Reputation: 54445

I've never seen any session related issues due to using location headers - are you sure you're calling session_start on both pages?


Hmm... this answer made a lot more sense before you added the session_start bits above, and mentioned the fact that you were sure you were using session_start. :-)

Upvotes: 12

Related Questions