session variable value changed

0
votes

I am using session to store some data in my php website, but in some page when I fetched the data in the session is changed some times and some time its same. I searched lots of and find some answer at

session id value changes

" if you have register globals on, you may be seeing behavior like that if you use the variable $id in your code. As a test, try:

<?php
session_start();
$_SESSION['testing'] = 'Foo';
$testing = 'bar';
die($_SESSION['testing']);
?>

"

help me i searched in my php file but i dont find similar variables like session variables so what is the problem ?? give me some details about php session and if possible suggest good books.

edited :

i have set the php.ini as all of you saying its problem of register_global off and than ckeck by using phpinfo(); function and check the register_global is off. but after some time i logged in with my id and than at mypage menu.php accessed by me after that its changed session logged id and i logged in another account automatically. please help me

3
phpsession

3 Answers

1
votes

Disabling Register_Globals by adding the following line in your php.ini file may fix this problem.

register_globals = Off

If you are using a Shared Web Hosting service, follow:

  • If you have access to /cgi-bin folder then create your custom php.ini file inside it.
  • And if you dont have access, then create your custom php.ini file in root folder.

And then add above mentioned line in php.ini file.

Adding the following line of code in your .htaccess file also fix your problem.

php_flag register_globals off

0
votes

You shouldn't be using register globals so it shouldn't be an issue.

Add this line to .htaccess to disable if you have register globals running:

php_flag register_globals off

it can't be done with ini_set() at runtime so you will need to use htaccess or php.ini as in previous answer.

0
votes

It's unlikely these days that register_globals is your problem. More likely it's to do with a) where the actual session data is being stored; and b) how the "session ID" is being transmitted from one request to the next.

The first thing to look at is session_save_path(), which tells PHP where on disk to store the data that you put into the session variables.

The other part is a little more complicated, but is about how the cookie is set which lets PHP know to load the same session rather than creating a new one. You might need to look at things like the lifetime of this cookie, or the scope (domain / sub-domain / URL path) it applies to. Have a look at session_set_cookie_params(), and in general have a read through that section of the PHP manual to understand how sessions work.