Home » Php » PHP Session Variables Not Preserved

PHP Session Variables Not Preserved

Posted by: admin July 12, 2020 Leave a comment

Questions:

I am unable to use session variables on a page other than the one where they are set, IOW they act like non-session variables. I have found a similar question posted in half a dozen other similar fora, but the answer in those other cases always turns out not to apply.

Here are my files:

sess1.php

<?php
session_start();

session_register("userid");
session_register("textvar");

$_SESSION['userid'] = 10333 ;
$_SESSION['textvar'] = TextVariable ;

echo "<p>User ID is: " . $_SESSION['userid'] . "</p>" ;
echo "<p>Another variable is: " . $_SESSION['textvar'] . "</p>" ;
?>
<p>Go to the <a href="sess2.php">next page</a>.</p>

and,
sess2.php

<?php
session_start();

echo "<p>The userid session variable is: " . $_SESSION['userid'] . "</p>";
echo "<p>The other session variable is: " . $_SESSION['newvar']. "</p> ";
?>

The browser output in each case is:

sess1.php

User ID is: 10333

Another variable is: TextVariable

Go to the [next page].

and,
sess2.php

The userid session variable is:

The other session variable is:

Go to the [last page].

A few things it is NOT:

  • I do have session_start() at the top of both files.
  • The variables directory is writable, and the session variables are showing up there. (I have about a hundred little files called sess_b62, that have this inside: ‘userid|i:10333;textvar|s:12:”TextVariable”;’.)
  • phpinfo() tells me that the php.ini file is being read correctly and the lifetime is set to the default, 0, i.e. until the browser is closed.

I’m at my wit’s end. Any suggestions?

Thanks so much.

How to&Answers:

The session ID has to be carried along in some way in order that the same session can be used over several pages. In general this is done with a cookie (see session.use_cookies) but it can also be done in the URL or in forms (see session.use_trans_sid).

So first you have to make sure that the session ID is transmitted so that PHP can load the right session and session data.

See also Is my understanding of PHP sessions correct?

Answer:

session_register() is not required and may be causing a problem here. Read the docs on session_register() – it is intended to assign session variables using existing variables.

and from here:

Well, session_register() tells PHP that a certain global variable should be considered a session variable. That means that at the end of the script’s execution (which is when session data writes usually occur), the resulting value of that global variable will be written using the current enabled session handlers.

I think this is the problem that you are experiencing. At the end of the script execution the session variable gets over-written.

Answer:

I was facing the same problem. The reason was, in php.ini I’ve set the value of session.cookie_secure parameter to 1. But I was using the http protocol instead of the https protocol; using the https protocol resolved the issue.

Setting session.cookie_secure = 1 indicates cookies should only be sent over secure connections. Therefore, I was getting new session_ids on every new page while using http.

Answer:

One mistake that I see is that in the first file you are setting $_SESSION['textvar'] and in the second file you are calling $_SESSION['newvar'].

Also, I tested your code on a server I know is working and it worked fine other than the above error.

I also tried removing the session_register() and the code still works perfectly.

Answer:

“session_register() accepts a variable number of arguments, any of which can be either a string holding the name of a variable or an array consisting of variable names or other arrays. For each name, session_register() registers the global variable with that name in the current session.”

because you have no variables with those names, the result will unpredictable.

just use $_SESSION[$key] = $value;

Answer:

If all the above does not solve the problem, I´ll just ask the obvious: There wouldn´t be any spaces or new-lines before the opening php tag?

You can also check for messages in the server error log file, that should tell you whether your variables are defined (although I guess that depends on the level of error reporting as well).

Answer:

Use some kind of tool and check the http headers so you can see how the cookie is being sent. Perhaps your web-server is miss-configured and sending out cookies with an invalid different domain.

You might want to look at doing session_set_cookie_params() on each request and making sure the correct domain, path, and such are set.

Answer:

Another obvious thing to check:

Make sure your disk space isn’t full; which would prevent session data from being saved.

Answer:

Know this is an older post but I have had a similar problem (not using session_register()).

Had to convert sessions to cookies because the session was timing out too often and, due to the server set up (‘special’ windows server hosting environment (with Apache)), the PHP session time out value could not be changed.

End result was/is that now after converting to Cookies with extended life, the cookie data is still being lost (in transmission)? sometimes.

Very frustrating.

I have NOT EVER had this happen in a LAMP environment so maybe the question to ask is whether or not you are using a LAMP server.

Hope this helps. I don’t think this is a PHP problem.

Answer:

Check server logs of your PHP server, for example, nginx or apache.

You can find information why sessions don’t work in nginx error.log. Path to that file usually is: /var/log/nginx/error.log.

In my case it was saying that session data can’t be saved. It turned out that in the same directory old error.log.1 file had size of 17 GB and took all available disk space.

Simply freeing disk space restored normal behavior of sessions.

Answer:

Use session_register in both files and it should work.