15
votes

I have this written at the very first line on every page of my website.

include("restd.php");

and restd.php contains the following lines :

@session_start();
if(isset($_SESSION['id']))
{
}
else
{
  header("location:index.php");
}

The problem I'm facing is that whenever I click or do something on my website, it logs me out and takes me to index.php.

I'm sure it's something to do with the session. I've tried every single thing to avoid this problem, but I have used restd.php because I don't want anyone to copy the URL of someone and paste and get into the website.

Only someone who is logged in can view others' pages. If they aren't logged in, then they'll be redirected to index.php.

EDIT: And guys, a confusing thing is that all this is working fine on my testing server, which is easyPHP-5.3.8.0, but this problem is coming up when I upload all the files to my server.

9
Can you share the content of the page in which you are including "restd.php"? - Eray
Why do you silence session_start()? Remove the @ sign and see if there is an error being produced. You really shouldn't use the @ sign. - Martin Samson
Are you setting $_SESSION['id'] anywhere? - drew010
Get rid of the suppression operator on session_start(); and see if there are any errors - JamesHalsall
This is unrelated, but I wanted to mention it anyway. You are not technically supposed to use relative paths on a Location: header. The RFCs state that it needs to be the full URL. - Brad

9 Answers

55
votes

Your session directory (probably /tmp/) is not writable.

Check with session_save_path() if it is writable.

if (!is_writable(session_save_path())) {
    echo 'Session path "'.session_save_path().'" is not writable for PHP!'; 
}
5
votes

Do you actually set $_SESSION['id'] on a page...

What you are trying to do here is:

  1. Start a session and load the $_SESSION from the session handler
  2. Check if $_SESSION contains key 'id'
  3. Redirect to index.php if $_SESSION['id'] is not set

Do you actually do this in index.php?

session_start();
$_SESSION['id'] = $something; // placeholder for the value to store
4
votes

You need to declare $_SESSION['id']:

file1.php

session_start();

$_SESSION['id'] = '123';

file2.php

include 'file1.php';

if(isset($_SESSION['id']))
{

}
else
{
  header("location:index.php");
  exit; // stop here so the rest of the page does not run after the redirect
}
1
votes

I know this is an old thread, but the following helped me with the same problem after hours of despair. Found on: http://php.net/manual/de/function.session-save-path.php

I made a folder next to the public html folder and placed these lines at the very first point in index.php

Location of session folder:

/domains/account/session

location of index.php

/domains/account/public_html/index.php

What I placed in index.php at line 0:

<?php 
ini_set('session.save_path',realpath(dirname($_SERVER['DOCUMENT_ROOT']) . '/../session'));
session_start();
?>

Hopefully this will save you time.

1
votes

In my case I forgot that I had the PHP flag session.cookie_secure set to on, while the development environment was not TLS-secured.

More information about Session/Cookie parameters.

0
votes

Couple things:

  1. your include file doesn't have the <?php ?> tags, so the content will not be evaluated as PHP

  2. Session_start must be called before you start outputting anything. Is that the case?
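
The three causes raised in the answers above (an unwritable session save path, session.cookie_secure on a site served without TLS, and output sent before session_start()) can be checked together on the affected host. This is an added example, not code from any poster; the file name session_diag.php and the function diagnoseSession() are made up here, and it assumes PHP 7 or later.

```php
<?php
// session_diag.php -- added example, not from the thread. Request it twice in
// the browser on the affected host, read the output, then delete the file.

function diagnoseSession(): array
{
    $findings = [];

    // Unwritable save path: session.save_path may be "N;MODE;/dir", so keep
    // only the directory part; an empty value means the system temp dir.
    $parts = explode(';', (string) session_save_path());
    $dir   = end($parts) !== '' ? end($parts) : sys_get_temp_dir();
    if (ini_get('session.save_handler') === 'files' && !is_writable($dir)) {
        $findings[] = "save path '$dir' is missing or not writable by PHP";
    }

    // session.cookie_secure on a plain-HTTP site: the browser never sends
    // the session cookie back, so every request starts an empty session.
    $https  = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    $secure = filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN);
    if ($secure && !$https) {
        $findings[] = 'session.cookie_secure is on but this request is not HTTPS';
    }

    // Output before session_start(): the Set-Cookie header can no longer be sent.
    if (headers_sent($file, $line)) {
        $findings[] = "output already started at $file:$line";
    }

    // No @ here: a warning from session_start() is the evidence we want.
    if (session_status() !== PHP_SESSION_ACTIVE && !session_start()) {
        $findings[] = 'session_start() failed';
        return $findings;
    }

    // Round trip: a cookie came in, yet nothing was stored under that ID.
    if (isset($_COOKIE[session_name()]) && empty($_SESSION)) {
        $findings[] = 'browser sent a session cookie but the session came back empty';
    }
    $_SESSION['diag_hits'] = ($_SESSION['diag_hits'] ?? 0) + 1;
    return $findings;
}

$findings = diagnoseSession();
if (!headers_sent()) {
    header('Content-Type: text/plain');
}
echo 'hits: ' . ($_SESSION['diag_hits'] ?? 0) . "\n";   // must grow on each reload
echo $findings ? implode("\n", $findings) . "\n" : "no problem detected\n";
```

If the hit counter stays at 1 across reloads while no finding is printed, the session cookie is not reaching the browser or not coming back, which points at the cookie parameters rather than at storage.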

0
votes

You still don't even answer where you SET $_SESSION['id']. $pid = $_SESSION['id'] does not set the session variable. session_start() comes before ANYTHING session related, it's not shown before your include.

0
votes

I had the same problem and found a work-around for it. If anybody can explain why the session is not read even when the cookie is there, please let me know.

<?php
//  logged.php
//  The PHP session system will figure out whether to use cookies or URLs to pass the SID

if(!isset($_COOKIE['PHPSESSID']) && !isset($_GET['PHPSESSID']) && authenticationRoutine(/* Returns true if successfully authenticated */) ) {
    session_id(uniqid("User--"));
    session_start();
    $_SESSION['id']=session_id();
}

?>



<?php
//  Insecure restd.php (The user can forge a stolen SID cookie or URL GET request, but that is inherent with PHP sessions)

if(!isset($_COOKIE['PHPSESSID']) && !isset($_GET['PHPSESSID'])) {header('Location: index.php'); exit;}

?>


[EDIT]

Even though the cookie was there and I prevented starting a new session, the session had not been read and started, so no session variables were available. In this case I check if the session has been started first (not using session_status() because it doesn't exist in PHP 3.5, which for some reason is the most widespread among hosts). If no session has been started within PHP, I check if it had been started before by testing the cookies and GET variables. If a session ID was found, the script resumes the session with that ID. If no ID is available, the user gets redirected to the index.

<?php
//  restd.php
if(session_id() === '') { // empty() on a function's return value is a parse error before PHP 5.5
    if(isset($_COOKIE['PHPSESSID']) && !empty($_COOKIE['PHPSESSID'])) {session_id($_COOKIE['PHPSESSID']);}
    elseif(isset($_GET['PHPSESSID']) && !empty($_GET['PHPSESSID'])) {session_id($_GET['PHPSESSID']);}
    else {header('Location: index.php'); exit(0);}
    session_start();
}
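
The workaround above resumes whatever session ID arrives in a cookie or in the URL and creates IDs with uniqid(), which is derived from the clock; a guard that lets PHP generate the ID and accepts it from the cookie only avoids both. This is an added example, not code from the thread; the file name session_guard.php, the function names and the example.com URL are placeholders, and it assumes PHP 7.3 or later.

```php
<?php
// session_guard.php -- added example, not code from the thread (PHP 7.3+).

function startSession(): void
{
    if (session_status() === PHP_SESSION_ACTIVE) {
        return;
    }
    // Take the session ID from the cookie only, never from ?PHPSESSID=..., and
    // reject IDs this server did not issue (blocks attacker-chosen IDs).
    ini_set('session.use_only_cookies', '1');
    ini_set('session.use_trans_sid', '0');
    ini_set('session.use_strict_mode', '1');
    session_set_cookie_params([
        'path'     => '/',
        // Secure flag only when the request is HTTPS, so a plain-HTTP test
        // server still gets its cookie back.
        'secure'   => !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off',
        'httponly' => true,
        'samesite' => 'Lax',
    ]);
    session_start();   // no @: a failure here must reach the error log
}

// Login handler: call once, right after the credentials have been verified.
function markLoggedIn(string $userId): void
{
    startSession();
    session_regenerate_id(true);   // fresh random ID; the pre-login ID dies
    $_SESSION['id'] = $userId;
}

// Protected pages: call before any output.
function requireLogin(string $loginUrl): void
{
    startSession();
    if (!isset($_SESSION['id'])) {
        header('Location: ' . $loginUrl, true, 302);
        exit;   // without this the rest of the protected page still executes
    }
}

// Usage on a protected page (URL is a placeholder):
//   require __DIR__ . '/session_guard.php';
//   requireLogin('https://example.com/index.php');
```

The login page itself must not call requireLogin(), or it redirects to itself in a loop.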
0
votes

Check whether your session path exists; if it does not, you can set the PHP session save path using:

ini_set('session.save_path','SOME WRITABLE PATH');