PHP session handling errors

Question

I have this at the very top of my send.php file:

ob_start();
@session_start();

//some display stuff

$_SESSION['id'] = $id; //$id has a value
header('location: test.php');

And the following at the very top of my test.php file:

ob_start();
@session_start();

error_reporting(E_ALL);
ini_set('display_errors', '1');

print_r($_SESSION);

When the data sends to test.php, the following is displayed:

Array ( )

Warning: Unknown: open(/var/lib/php/session/sess_isu2r2bqudeosqvpoo8a67oj02, O_RDWR) failed: Permission denied (13) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in Unknown on line 0

I've tried only using session_start(); but the results are the same.

Answer 1

Look at your message

So first thing it relate to permission

open(/var/lib/php/session/sess_isu2r2bqudeosqvpoo8a67oj02, O_RDWR) failed: Permission denied (13) in Unknown on line 0

you have to check file permission change mode this /var/lib/php/session/

Second thing it relate to session.save_path

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in Unknown on line 0

in php.ini

[Session]
; Handler used to store/retrieve data.
session.save_handler = files

; Argument passed to save_handler. In the case of files, this is the path
; where data files are stored. Note: Windows users have to change this
; variable in order to use PHP's session functions.
; 
; As of PHP 4.0.1, you can define the path as:
; 
;     session.save_path = "N;/path"
; 
; where N is an integer. Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories. This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
; 
; NOTE 1: PHP will not create this directory structure automatically.
;         You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose to
;         use subdirectories for session storage
;
session.save_path = /tmp/    <= HERE YOU HAVE TO MAKE SURE

; Whether to use cookies.
session.use_cookies = 1

Answer 2

you have to change your session.save_path setting to the accessible dir, /tmp/ for example

How to change: http://php.net/session_save_path

Being on the shared host, it is advised to set your session save path inside of your home directory but below document root

also note that

• using ob_start is unnecessary here,
• and I am sure you put @ operator by accident and already going to remove it forever, don't you?

Answer 3

This was a known bug in version(s) of PHP . Depending on your server environment, you can try setting the sessions folder to 777:

/var/lib/php/session (your location may vary)

I ended up using this workaround:

session_save_path('/path/not/accessable_to_world/sessions');
ini_set('session.gc_probability', 1);

You will have to create this folder and make it writeable. I havent messed around with the permissions much, but 777 worked for me (obviously).

Make sure the place where you are storing your sessions isn't accessible to the world.

This solution may not work for everyone, but I hope it helps some people!

Answer 4

You can fix the issue with the following steps:

1. Verify the folder exists with sudo cd /var/lib/php/session. If it does not exist then sudo mkdir /var/lib/php/session or double check the logs to make sure you have the correct path.
2. Give the folder full read and write permissions with sudo chmod 666 /var/lib/php/session.

Rerun you script and it should be working fine, however, it's not recommended to leave the folder with full permissions. For security, files and folders should only have the minimum permissions required. The following steps will fix that:

1. You should already be in the session folder so just run sudo ls -l to find out the owner of the session file.
2. Set the correct owner of the session folder with sudo chown user /var/lib/php/session.
3. Give just the owner full read and write permissions with sudo chmod 600 /var/lib/php/session.

NB

You might not need to use the sudo command.

Answer 5

Go to your PHP.ini file or find PHP.ini EZConfig on your Cpanel and set your session.save_path to the full path leading to the tmp file, i.e: /home/cpanelusername/tmp

Answer 6

I had the same error everything was correct like the setting the folder permissions.

It looks like an bug in php in my case because when i delete my PHPSESSID cookie it was working again so aperently something was messed up and the session got removed but the cookie was still active so php had to define the cause differently and checking first if the session file is still they and give another error and not the permission error

Answer 7

When using latest WHM (v66.0.23) you may go to MultiPHP INI Editor choose PHP version and set session.save_path to default i.e. /var/cpanel/php/sessions/ea-php70 instead of previous simple tmp - this helped me to get rid of such errors.

Answer 8

please make sure the session.save_path is set correctly in the php.ini. php needs read/write access to the directory to which this variable is set.

more information: http://www.php.net/manual/en/session.configuration.php#ini.session.save-path

Answer 9

When using the header function, php does not trigger a close on the current session. You must use session_write_close to close the session and remove the file lock from the session file.

ob_start();
@session_start();

//some display stuff

$_SESSION['id'] = $id; //$id has a value
session_write_close();
header('location: test.php');

Answer 10

check your cpanels space.remove unused file or error.log file & then try to login your application(This work for me);

Answer 11

I got these two error messages, along with two others, and fiddled around for a while before discovering that all I needed to do was restart XAMPP! I hope this helps save someone else from the same wasted time!

Warning: session_start(): open(/var/folders/zw/hdfw48qd25xcch5sz9dd3w600000gn/T/sess_f8bgs41qn3fk6d95s0pfps60n4, O_RDWR) failed: Permission denied (13) in /Applications/XAMPP/xamppfiles/htdocs/foo/bar.php on line 3

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /Applications/XAMPP/xamppfiles/htdocs/foo/bar.php:3) in /Applications/XAMPP/xamppfiles/htdocs/foo/bar.php on line 3

Warning: Unknown: open(/var/lib/php/session/sess_isu2r2bqudeosqvpoo8a67oj02, O_RDWR) failed: Permission denied (13) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in Unknown on line 0

Answer 12

I'm using php-5.4.45 and I got the same problem.

If you are a php-fpm user, try edit php-fpm.conf and change listen.owner and listen.group to the right one. My nginx user is apache, so here I change these to params to apache, then it works well for me.

For apache user, I guess you should edit your fast-cgi params refer the two params I mention above.

Answer 13

If you use a configured vhost and find the same error then you can override the default setting of php_value session.save_path under your <VirtualHost *:80>

#
# Apache specific PHP configuration options
# those can be override in each configured vhost
#
php_value session.save_handler "files"
php_value session.save_path    "/var/lib/php/5.6/session"
php_value soap.wsdl_cache_dir  "/var/lib/php/5.6/wsdlcache"

Change the path to your own '/tmp' with chmod 777.