Reputation: 181
PHP Session Id Reset on page load
I've looked at everything here and elsewhere, nothing seems to work!
Here's the issue:
- On page load, upon calling
session_start(), I get assigned a PHP session ID. - Once I refresh the page, I get a new session ID and that makes the
$_SESSIONvariable come empty.
PHP Version is: 5.6.30-0+deb8u1
I did a small script to replicate outside of the application:
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
echo '<pre>';
echo 'orig session.cookie_domain = '.ini_get('session.cookie_domain').PHP_EOL;
echo 'orig session.cookie_secure = '.ini_get('session.cookie_secure').PHP_EOL;
ini_set('session.cookie_domain', '.mydomain.com');
ini_set('session.cookie_secure', 'Off');
echo 'new session.cookie_domain = '.ini_get('session.cookie_domain').PHP_EOL;
echo 'new session.cookie_secure = '.ini_get('session.cookie_secure').PHP_EOL;
echo '-------------'.PHP_EOL;
print_r($_COOKIE);
session_start();
print_r($_COOKIE);
setcookie(ini_get('session.name'), session_id(), 0, '/', ini_get('session.cookie_domain'), false, false);
print_r($_COOKIE);
echo '-------------'.PHP_EOL;
echo 'session id: '.session_id().PHP_EOL;
echo '-------------'.PHP_EOL;
$_SESSION[session_id()][] = date('Y-m-d H:i:s');
print_r($_SESSION);
echo '</pre>';
//phpinfo();
output of script is:
orig session.cookie_domain =
orig session.cookie_secure =
new session.cookie_domain = .mydomain.com
new session.cookie_secure = Off
-------------
Array
(
[__cfduid] => ddxxx
[_ga] => GA1.2.xxxx
[wp-settings-time-2] => 1500996194
[_gid] => GA1.3.xxxx
)
Array
(
[__cfduid] => ddxxx
[_ga] => GA1.2.xxxx
[wp-settings-time-2] => 1500996194
[_gid] => GA1.3.xxxx
)
Array
(
[__cfduid] => ddxxx
[_ga] => GA1.2.xxxx
[wp-settings-time-2] => 1500996194
[_gid] => GA1.3.xxxx
)
-------------
session id: 7n4mm16s525mpqo99r242p90l3
-------------
Array
(
[7n4mm16s525mpqo99r242p90l3] => Array
(
[0] => 2017-08-07 16:01:18
)
)
Upvotes: 0
Views: 1571
Answers (3)
Reputation: 236
check is_writable(session_save_path()) in php file:
<?php
if (!is_writable(session_save_path())) {
echo 'Session path "'.session_save_path().'" is not writable for PHP!';
// you need set chmod -R 777 [session save path folder]
}
Hope to help you
Upvotes: 0
Reputation: 181
After a lot of research, it came out to be Varnish cache causing the problem. The problem lies in Varnish caching the page without session cookies set, making it useless after a refresh of the page.
Disabling Varnish on the server solved the problem for me.
Also found out this for those who would prefer to keep Varnish active but get sessions to work: Cache-Control Header Fix
Upvotes: 1
Reputation: 2599
Do this, to preserve the existing session:
if(session_status() !== PHP_SESSION_ACTIVE) {
session_start();
}
Upvotes: 0
Related Questions
- PHP Session Id changes between pages
- PHP session resets when i refresh page
- PHP Session ID changing on every request
- PHP Session variables resetting with each page load
- PHP: Session variable lost, session id changes (using Ajax)
- PHP session_id regenerated on refresh
- PHP session_id changes between pages or when refreshing the page
- PHP changes session ID on each request
- Session ID isn't registering as being set unless the page is refreshed after user signs in
- session id value changes