SESSION) Not Working on Remote Server

 

I have a login page where user enters his username ans password. If successful I redirect him to index.php where I start a session: 

session_start();

from index.php he can navigate to a different page ("p1.php") and on top of "p1.php" I have this check: 

<?php
if(!isset($_SESSION)) 
{ 
    exit;
} 
?>

This works on my local server, but when I deploy this on remote server !isset($_SESSION) always returns true.

What could be happening here?

EDIT: I found on my hosting provider side a request to add this in php.ini: 

session_save_path("your home directory path"/phpsessions);

And to create a phpsessions folder in my path.

I did but that didn't help.

I tried to do this as well:

in index.php: 

session_start();
if(isset($_REQUEST['lecturer_id']))
{
    echo "lecturer_id set";
    $_SESSION['lecturer_id'] = $_REQUEST['lecturer_id']; // store session data
}

and in p1.php: session_start(); if(!isset($_SESSION['lecturer_id'])) { exit; }

And the page always exits ie session variable is not defined

You'll just need to make sure you have session_start(); at the very top of your p1.php page and any page that uses session data.

The server is most likely creating a PHP session silently which your local server is not configured to do.

Try checking for a specific $_SESSION eg $_SESSION['x'] rather than just a $_SESSION .

Edit: Instead of checking isset($_SESSION) you should check for whatever session variable you set specifically: isset($_SESSION['SESSION_VARIABLE_YOU_SET'])

isset($_SESSION) returns true once session_start() is called, that's why you need to check for the specific $_SESSION variable you set

Probably the remote server is configured for session autostart. If you can configure this php instance you can check it in php.ini file (session_autostart directive).

Update: Sorry, I did not understand correctly your question. Really, if session autostart is set to "on" session always exists. You can not use isset($_SESSION) to determine if user is logged or not.

链接地址: http://www.djcxy.com/p/60236.html

上一篇: 用$确保用户登录系统的安全

下一篇: SESSION)无法在远程服务器上工作