sessions problems

Hi All (again),

I have a problem with using the $_SESSIONS variables.

I have register_globals turned off in php.ini (default) but I have been lead
to believe that I should still be able to use the session variables. My
php_info() page says that session functionality is enabled.

This does not appear to be the case. My session variables never seem to
carry across from one page to the next. I have used them previously in
other projects and they worked perfectly.

I am aware that the good folk at php have cracked down on global variables
for security reasons and I was using php 4.4.5 when I first encountered the
problem. I have sicne updated to 4.4.6 with the same problem.

Is there any advice as to how to get the damn things to work?

I have been forced to use cookies for user authentication which I don't
really want to do and also I have a lot of other parts of my scripts that
could benefit from using session variables.

Thanks again in advance.

Schmalz.

Re: sessions problems

Schmalz wrote:
> Hi All (again),
>
> I have a problem with using the $_SESSIONS variables.
>
> I have register_globals turned off in php.ini (default) but I have been lead
> to believe that I should still be able to use the session variables. My
> php_info() page says that session functionality is enabled.

Variables like $_SESSION¸ $_REQUEST($_POST, $_GET, $_COCKIES), $_SERVER,
$_ENV, $_FILES and $GLOBALS are independent of the register_globals setting.
Enabling register_globals makes the values automatically transfered to a
variable with the same name (script.php?something=1 => $something).


> This does not appear to be the case. My session variables never seem to
> carry across from one page to the next. I have used them previously in
> other projects and they worked perfectly.

Did you remember to use session_start() ?
http://www.php.net/manual/en/function.session-start.php


> I have been forced to use cookies for user authentication which I don't
> really want to do and also I have a lot of other parts of my scripts that
> could benefit from using session variables.

You don't have to send all data with the cookie, you can just send an
identifier as a session cookie does and store the data locally.
One thing that could cause the session (and cookies) to not work is the bad
manner that MSIE handles cookies, see to that the php.ini has
session.cookie_domain and session.cookie_secure set to a value (not an empty
string which is the default, in which case the browser is supposed to set
those values, MSIE don't handle that well).


--

//Aho