Thank you very much for that, I made the suggested changes.
The problem was again coming from the session.save_path directive which was not well configured.
With your settings I know have a wonderful display of "undefined index", coming from all that non instantiated variables...at least I know what I have to do now!!
One thing:
I use @session_start() because in the other case I have a warning a session has already been started. On the other had have to call it at the beginning of each script.
Is there a way to test that?
With php5 I also saw than a script having a white line and only later on the <?php is not interpreted but displayed as text.
Any reason for that?
Once again thank you for your help, and sorry I should have displayed the errors at the beginning.
From: Martin Norland <martin.norland@xxxxxxxxxx> Reply-To: php-db@xxxxxxxxxxxxx To: php-db@xxxxxxxxxxxxx Subject: Re: php5-sessions next Date: Wed, 02 Mar 2005 10:50:38 -0600
mel list_php wrote:Hi again,
I erased and recreated my php.ini file from the php ini recommended.
In my application I use a suthentication of the user against a database table, once the user is allowed I set a session variable at true.
I test this variable at the beginning of each script.
With php4 no problem, in each script I have: @session_start(); if (!$_SESSION['allowed']) exit();
With php5, I'm unable to navigate through different protected pages, each time I have to re-login.
I don't know if it is something in my php.ini that is wrong, or if the session support has been modified between php4 and 5?
I tried to find information on the web but without success.
Comparing the section dedicated to session in phpinfo on my 4.3 and on 4.5, the only difference is on 4.3 session.save_path=/tmp whereas for php5 even if specified in the php.ini it still has no value.
I'm a bit stuck here, anybody has an idea?
Whenever you run into errors - the first thing to do is start getting error messages back. There are two ways to do this: 1) modify your php.ini to make sure it's reporting errors usefully, and check your logs - 2) modify your code that is EXPRESSLY SUPPRESSING ERRORS to not do so.
1) in php.ini (E_STRICT might be php5 only, I don't recall exactly - shouldn't hurt if it's undefined and you & ~ it)
error_reporting = E_ALL & ~E_NOTICE & ~E_STRICT
2) in code
@session_start(); becomes session_start();
... in addition, there is an option that many developers do not change in php.ini between development and live sites - and they should:
--------------------
; Print out errors (as a part of the output). For production web sites,
; you're strongly encouraged to turn this feature off, and use error logging
; instead (see below). Keeping display_errors enabled on a production web site
; may reveal security information to end users, such as file paths on your Web
; server, your database schema or other information.
display_errors = Off
--------------------
you'll want to couple this with some of the following: -------------------- ; Log errors to specified file. ;error_log = filename ; Log errors to syslog (Event Log on NT, not valid in Windows 95). error_log = syslog --------------------
/longwindedrant
Cheers,
--
- Martin Norland, Sys Admin / Database / Web Developer, International Outreach x3257
The opinion(s) contained within this email do not necessarily represent those of St. Jude Children's Research Hospital.
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
_________________________________________________________________ Express yourself with cool new emoticons http://www.msn.co.uk/specials/myemo
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
