PHP session not working in the same page

Question

<?php
    session_start();

    echo "BEFORE set::: " . $_SESSION['test'];         // should say 'Hello' AFTER page refresh
    echo "<pre>"; print_r($_SESSION); echo "</pre>";  // should show array AFTER page refresh

    $_SESSION['test'] = 'Hello';                       // setting session variable 'test'
    echo "<br />";

    echo "AFTER set::: " . $_SESSION['test'];          // says 'hello' at all times
    echo "<pre>"; print_r($_SESSION); echo "</pre>";  // shows array at all times

    echo "<br />";
    echo session_save_path();                         // echoed path should have session files in it

    phpinfo();                                        // shows php settings
?>

---

However, the output of the page is the same at all times regardless of how many page refreshes i make with no values 'BEFORE set:::'

BEFORE set:::
Array
(
)

AFTER set::: Hello
Array
(
    [test] => Hello
)

/var/lib/php/session

---

Also ls /var/lib/php/session reveals no files inside it. However, turning on developer console in chrome does show the same cookie value for the cookie key 'PHPSESSID' at all times

is there any PHP setting i need to tweak in my machine? Running on Amazon Linux EC2

Answer 1

It is solved

The sessions folder at /var/lib/php/session didn't have sufficient permissions. Hence no session files were being written into it. This should have thrown an error on my page. But my display_errors flag was set to off in my php.ini settings.

First, I turned on display_errors without touching the machine's php.ini settings by writing ini_set('display_errors', '1'); at the top of my PHP script. Then the errors started showing in my page. The error was:

Warning: session_start(): open(/var/lib/php/session/sess_r3um5msmio61t3vbbl7bp313i2, O_RDWR) failed: 
Permission denied (13) in /path/to/file/session.php on line 3
Undefined index: test in /path/to/file/session.php on line 5

Hence, i went to the session files folder and changed the folder permissions.

$> cd /var/lib/php
$> ls ./session #should have shown PHP session files but not showing anything
$> ls -l
drwx------ 2 root root 12288 Jan 29 08:38 session
$> chmod 777 session
$> ls -l
drwxrwxrwx 2 root root 12288 Jan 29 08:38 session
$> service httpd restart
$> ls ./session #now PHP session files should show up after a page refresh

Now the necessary session files were being written into the directory at /var/lib/php/session without any problem and the PHP sessions started to work properly

---

NOTE: using 777 for chmod is not the best practice as it opens up the directory/file with full permissions to the whole world. Choose the right chmod switch necessary to achieve your results. You can use http://www.onlineconversion.com/html_chmod_calculator.htm to determine the correct chmod switch for your scenario. I am open for comments on what should be the correct chmod or chown settings to use in this situation

Answer 2

To start debugging sessions, the first place to look is your error log. If there's nothing there, then check its working properly by explicitly throwing an error.

Next you should check to see if any script with session_start() is dropping a cookie on your browser. If it's not, then you've probably got a BOM marker in the PHP script or an auto-prepend file which is causing the headers to flush before you call session_start(). This also means that your error logging is broken - go back and fix the first step.

If the server is dropping a cookie in the response, check that the cookie is sent back on a subsequent request. If it isn't sent, then there's something wrong with the cookie path or your browser config.

If your browser is sending back the cookie it received and there is no data in the session - then your session handler is failing to write the data. The default session handler writes files to disk - but the configured path must exist and must be writeable. Once again you should never to get to this stage of checking if your error logging was setup correctly.