PHP session dropped when filename is stripped

Question

This is a quick question, that has been bugging me for quite some time!

I have a pagewww.example.com/dir/index.php which sets a $_SESSION variable. I access this variable again on www.example.com/dir/dir2/dostuff.php and this works fine!

However, if I set the session through www.example.com/dir/ it isn't set in www.example.com/dir/dir2/dostuff.php.

I have rewritten the .htaccess with

RewriteRule ^.*\/dir\/$ /dir/index.php [NC]

and set my php.ini in index.php using:

ini_set('session.cookie_domain', '.example.com');

However without results. Does anyone have any suggestions?

Update:

In a nutshell index.php simply runs:

if (!isset($_SESSION)) session_start();
$_SESSION['param'] = "val";

The dostuff.php runs:

if (!isset($_SESSION)) session_start();
echo $_SESSION['param'];

Does `index.php` contain a `session_start()`? If it's redirecting to there first, it may not be keeping the session alive. Make sure you're calling it on every page. — brbcoding, Mar 08 '13 at 20:09
Okay, one solution is to define a folder to save the sessions in with `session_save_path('sessions');` and locate that folder with it's relative path `session_save_path('../sessions');` but there must be an easier solution, right? — Andreas Jarbol, Mar 08 '13 at 20:45

score 0 · Answer 1 · answered Mar 08 '13 at 20:46

From session_start

session_start() creates a session or resumes the current one based on a session identifier passed via a GET or POST request, or passed via a cookie.

You should call session_start() unconditionally, when you want to access _SESSION variables.

PHP session dropped when filename is stripped

1 Answers1