session wiped out between pages

Question

I'm making a login page and for some reason the session will not persist between where I set it and the page where I am forwarding to. I can comment out the header in the page where the session was initialized and see that the session has the data in it. However, when I do a print_r in the target page, the session is empty.

I have already made sure that session_start is called. There is only one domain for this site and my browser is set to accept cookies. I can forward to any other page and see the session data but just not this one.

Is there something that someone can offer to help in debugging this?

$_SESSION['auth'] = $auth;
header( "Location: /" ); // commenting this out shows the data is in fact there

I want to protect the index page so I test to see if session['auth'] is set. If not, I forward over to /user/login which allows the user to login. If successful then we forward back over to the index page where it should pass the isset session test. It fails though and there is no session data.

Answer 1

Something that I've ran in to quite a bit is accidentally redirecting from a page with 'www.' in the URL to a page without. I'm not exactly sure why it happens but for some reason the session between a site is different with and without the 'www.'.

Answer 2

set.php:

session_start();
$_SESSION['auth'] = true;

header('Location: /');

index.php:

session_start();

var_dump($_SESSION);

Create these 2 files and request set.php. What do you see?

Answer 3

If you set a session variable, then do a header redirect, you need to add session_write_close() before the redirect or you will lose your sesson modification.