PHP Sessions not saving

software development


Is anyone having (or HAD) problems on DreamHost with the $_SESSION variable not saving properly even after start_session(); and writing afterwords? I can’t seem to transfer my session variables for more than 1 page ahead at a time. I know there’s a session being written to the servers temp folder and the dates are current.

ie. if I:


then on the next page (different php file) I can’t access $_SESSION[‘page’]

Any ideas?



It sounds like your problem might be similiar to the one in this thread::

I’m wondering if register_globals On/OFF or PHP4/PHP5 might be part of the issue here?



On my server I have register_globals off, and it’s running PHP 4.
I changed DreamHost to PHP4 as well.

I’m still having the same problem. There has to be some server setting that I’m missing.


Do you have session_start(); in the next page where you try to retrieve the session value?

$50 off and 3 free domains with code: [color=#CC0000]DH3[/color] Sign Up NOW or More Codes Here



The .html file calls auth.php to verify if the user has logged in or not, if not it goes to the login.php page, if he has, it verifies it through the $_SESSION variables for username and password compared to the database and lets the user view the page. If the username/password are invalid it goes to the login.php page again to have them re-enter it.

As I said the .html page has this at the top:

<?PHP session_start(); $_SESSION['page'] = "index.html" //or whatever that page file is session_write_close(); require 'auth.php'; ?>

here’s the auth.php page(required by all ‘secure’ .html pages:

<?PHP include '../Scripts/functions.php'; session_start(); if (!$_SESSION['user1'] || !$_SESSION['pass1']) { // What to do if the user hasn't logged in // We'll just redirect them to the login page. header('Location: login.php'); exit(); } else { // If the session variables exist, check to see // if the user has access. AccessDB(); $result = mysql_query("SELECT count(UserID) FROM users WHERE Password='$_SESSION[pass1]' AND Username='$_SESSION[user1]'") or die("Couldn't query the user-database. auth"); $num = mysql_result($result, 0); if (!$num) { // If the credentials didn't match, // redirect the user to the login screen. session_write_close(); header('Location: login.php'); exit(); } } ?>

Here’s the login.php page which is called only from the auth.php page when needed:

<?PHP include '../Scripts/functions.php'; AccessDB(); // Add slashes to the username, and make a md5 checksum of the password. $_POST['user'] = addslashes($_POST['user']); $_POST['pass'] = MD5($_POST['pass']); $result = mysql_query("SELECT count(UserID) FROM users WHERE Password='$_POST[pass]' AND Username='$_POST[user]'") or die("Couldn't query the user-database."); $num = mysql_result($result, 0); if (!$num) { // When the query didn't return anything, // display the login form. echo "Login

User Login

"; echo ""; echo "Username: "; echo "Password: "; echo ""; echo ""; echo ""; } else { // Start the login session session_start(); // We've already added slashes and MD5'd the password $_SESSION['user1'] = $_POST['user']; $_SESSION['pass1'] = $_POST['pass']; // All output text below this line will be displayed // to the users that are authenticated. Since no text // has been output yet, you could also use redirect // the user to the next page using the header() function. // header('Location: auth.php'); if(isset($_SESSION['page'])) { $go = $_SESSION['page']; } else { $go = "index.html"; } header("Location: $go"); exit(); }


It turns out that since I needed to embed PHP I had to have the following in my htaccess file:
ForceType application/x-httpd-php
which caused the .html files to be a different module/version than the .php files. I just changed my .php files to .html files and it works now! :slight_smile: YEAH.

Thanks to Robert at DreamHost for helping me figure this out.