I use to have my website hosted on 1and1 server for years and it was working fine (php 7.4).
Since, i decided to switch to a dedicated server w/Linux ubuntu OS for my webserver (php 8.1.2).
All is working fine after the migration but I have a weird issue: when I get a redirection from an Ajax/php query I usualy redict (using JS) the client to a desired web page and the session is lost.
I do have the session_start(); and ensure that it do not switch from www.mywebsite.com to mywebsite.com.
I am confused as it is 100% the code that is working on the hosted server.
other clue, I see that the approval of cookies always prompt. so there is clearly a session issue that un_sync the client/server session_id.
Any config to ensure on a new apache server ? I can see in my "/var/lib/php/sessions" folder a new session every time i trigger the redirection ...
I would appreciate any advise.
here is my SESSION config from php.ini:
Session Support enabled
Registered save handlers files user
Registered serializer handlers php_serialize php php_binary
Directive Local Value Master Value
session.auto_start Off Off
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_httponly no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_samesite no value no value
session.cookie_secure 0 0
session.gc_divisor 1000 1000
session.gc_maxlifetime 1440 1440
session.gc_probability 0 0
session.lazy_write On On
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path /var/lib/php/sessions /var/lib/php/sessions
session.serialize_handler php php
session.sid_bits_per_character 5 5
session.sid_length 26 26
session.upload_progress.cleanup On On
session.upload_progress.enabled On On
session.upload_progress.freq 1% 1%
session.upload_progress.min_freq 1 1
session.upload_progress.name PHP_SESSION_UPLOAD_PROGRESS PHP_SESSION_UPLOAD_PROGRESS
session.upload_progress.prefix upload_progress_ upload_progress_
session.use_cookies 1 1
session.use_only_cookies 1 1
session.use_strict_mode 0 0
session.use_trans_sid 0 0
CodePudding user response:
session_start();should be declared at the top of the script before any html output, including white spaces.<?php session_start(); // codeDo you also use session_name()? https://www.php.net/manual/en/function.session-name.php
Check the cookie name
PHPSESSIDand see if it's changing.You could try to store the sessions in Redis for example, maybe it's a cron that is deleting the contents of your
/var/lib/php/sessions?
CodePudding user response:
Sometimes the default session path may not be writeable or a custom session handler might be used by the new server you're using.
In this case I usually try override the session storage path and see if the session sticks between requests.
The below code should be placed at the earliest point in the request lifecycle. (before any other code is executed)
<?php
//DEFINE THE CUSTOM SESSION STORAGE PATH
$session_save_path = '/path/to/custom/session/storage';
//MAKE THE FOLDER IF NEEDED
if(!file_exists($session_save_path)) mkdir($session_save_path, 0755, true);
//SET THE SESSION TO USE THE CUSTOM PATH
session_save_path(realpath($session_save_path));
//START THE SESSION IF POSSIBLE
if(!session_id()) session_start();
...
See the PHP documentation https://www.php.net/manual/en/function.session-save-path.php
Another possible problem is that the session cookie isnt being sent with your ajax request.
If that is the case you might want to see this answer: Why is jQuery's .ajax() method not sending my session cookie?
CodePudding user response:
What I understand is that session data is lost. If I understood correctly you can try updating your server's write permissions.
it look like;
sudo chmod 1777 -R /home/your_user_path/tmp/