PHPSESSID problem

**peter** · Oct 10 '06, 12:25 AM

Re: PHPSESSID problem

<nigel.t@by.ukw rote in message
news:MPG.1f9489 496079c6d598990 7@news-text.blueyonder .co.uk...

>I have a page that contains just
>
<?php
session_start() ;
$_SESSION['test'] = 'HELLO';
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($ _SERVER['PHP_SELF']), '/\\');
$extra = '../listings/store.php';
header("Locatio n: http://$host$uri/$extra");
exit;
?>
>
store.php would then start with:
>
<?php
session_start() ;
echo($_SESSION['test']);
// and so on
?>
>
>
The purpose of the page is just to do a re-direct but is needed.
>
The problem I have is this:
>
If a user comes to my site with: www.mysite.com and then visits
the above re-direct script/page all is well and the page store.php can do
>
echo($_SESSION['test']); and get HELLO out.
>
BUT
>
If the user comes to the site with just mysite.com
PHP sets TWO PHPSESSID cookies : one for mysite.com and another for

https://www.mysite.com

>
This causes the $_SESSION['test'] variable to be lost.
>
Hard coding the re-direct page can't cure this for me.
>
Can anyone shed any light or help me prevent the second PHPSESSID from
losing the variable please?
>

You could always use a htaccess redirect to ensure that people who came to
yoursite.com would be redirected to www.yoursite.com

**nigel.t@by.uk** · Oct 10 '06, 11:05 AM

Re: PHPSESSID problem

In article <egepup$ju1$1@e mma.aioe.org>, submit@flexiweb host.com says...

>
<nigel.t@by.ukw rote in message
news:MPG.1f9489 496079c6d598990 7@news-text.blueyonder .co.uk...

I have a page that contains just

<?php
session_start() ;
$_SESSION['test'] = 'HELLO';
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($ _SERVER['PHP_SELF']), '/\\');
$extra = '../listings/store.php';
header("Locatio n: http://$host$uri/$extra");
exit;
?>

store.php would then start with:

<?php
session_start() ;
echo($_SESSION['test']);
// and so on
?>

The purpose of the page is just to do a re-direct but is needed.

The problem I have is this:

If a user comes to my site with: www.mysite.com and then visits
the above re-direct script/page all is well and the page store.php can do

echo($_SESSION['test']); and get HELLO out.

BUT

If the user comes to the site with just mysite.com
PHP sets TWO PHPSESSID cookies : one for mysite.com and another for

https://www.mysite.com

This causes the $_SESSION['test'] variable to be lost.

Hard coding the re-direct page can't cure this for me.

Can anyone shed any light or help me prevent the second PHPSESSID from
losing the variable please?

>
You could always use a htaccess redirect to ensure that people who came to
yoursite.com would be redirected to www.yoursite.com
>

Thanks for the idea peter but that doesn't do it I'm afraid as I'd need
the redirect everywhere on the site.

This is turning into a worrying problem here. Fortunately we havn't
implemented passwords with PHP sessions! That would have been a disaster.

nigel.

**peter** · Oct 10 '06, 12:15 PM

Re: PHPSESSID problem

Thanks for the idea peter but that doesn't do it I'm afraid as I'd need
the redirect everywhere on the site.
>
This is turning into a worrying problem here. Fortunately we havn't
implemented passwords with PHP sessions! That would have been a disaster.
>

you only need do it once in your root folder in a .htaccess file and it will
work for all pages.

**nigel.t@by.uk** · Oct 11 '06, 06:55 AM

Re: PHPSESSID problem

In article <egg41d$9g3$1@e mma.aioe.org>, submit@flexiweb host.com says...

>

Thanks for the idea peter but that doesn't do it I'm afraid as I'd need
the redirect everywhere on the site.

This is turning into a worrying problem here. Fortunately we havn't
implemented passwords with PHP sessions! That would have been a disaster.

>
you only need do it once in your root folder in a .htaccess file and it will
work for all pages.
>
>
>

Not if people never go to that page peter. It would need to be in every
folder we have a web page in. According to the PHP docs this would
generate a massive performance and memory hit.

**Jerry Stuckle** · Oct 11 '06, 11:35 AM

Re: PHPSESSID problem

nigel.t@by.uk wrote:

In article <egg41d$9g3$1@e mma.aioe.org>, submit@flexiweb host.com says...
>

>>>Thanks for the idea peter but that doesn't do it I'm afraid as I'd need
>>>the redirect everywhere on the site.
>>>
>>>This is turning into a worrying problem here. Fortunately we havn't
>>>implemente d passwords with PHP sessions! That would have been a disaster.
>>>

>>
>>you only need do it once in your root folder in a .htaccess file and it will
>>work for all pages.
>>
>>
>>

>
Not if people never go to that page peter. It would need to be in every
folder we have a web page in. According to the PHP docs this would
generate a massive performance and memory hit.
>

Incorrect.

Apache searches the current directory and all directories above it (up
to your document root). A .htaccess file in your root directory will
affect all pages in your site.

And it can be a slight performance hit, but unless you have a large
..htaccess file or your server is already way overloaded you shouldn't
notice any difference.

If that is still a concern to you just place it in your httpd.conf.

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attgl obal.net
=============== ===

PHPSESSID problem

PHPSESSID problem

Comment

Comment

Comment

Comment

Comment