PHP Session无法在PHP5中运行

I have 2 pages: login.php and index.php. Both pages start with

session_start();

When I set

$_SESSION['user'] = "name";

in login.php and than open index.php, my session object is empty. How come?

EDIT:

I found the problem: IE 7. I had to grand access to my domain. However, I thought a session is stored on the server, instead of the client? Than why do I have IE grand access to my domain? (http://www.pcwindowstips.com/2007/09/04/how-to-enable-cookies-in-internet-explorer-7/)

I thought a session is stored on the server, instead of the client? Than why do I have IE grant access to my domain? (http://www.pcwindowstips.com/2007/09/04/how-to-enable-cookies-in-internet-explorer-7/)

The way sessions work is that a session cookie is stored for the site, which contains your session ID. The only way the server knows who you are is when it reads the session ID cookie on every page load. All of the $_SESSION data is stored on the server for each user, but the cookie must be set for the server to know which $_SESSION data to retrieve.

This is also why you can essentially "become" another user if you obtain their session id cookie.

Not much info here, I'll try to use my psychic powers.

After the user logs in, do you set the session var and then redirect the user to index.php using an http header? If so, I don't think the session cookie gets sent to the user. If that is the case, the solutions are:

  1. call session_start() when the login form is initially displayed (not just after the user posts back to it); or:
  2. display a "login successful!" message and then redirect with a meta-refresh, or just provide a link to index.php.

You can also try to dump the session ID on both pages, to see if you are somehow starting a new session:

echo 'Session ID is: ' . SID . "<br/>
"

You need verify if the cookies are enabled and nothing ( this includes blank lines in the beginning or in the end of archive) sent to browser before you call session_start().

Internet Explorers have a stricter cookie policy than most other browsers. Check your session cookie parameters (see also session_get_cookie_params()) and try to replace the default values by explicit values where possible. Additionally you might send a [fake P3P policy](http://msdn.microsoft.com/en-us/library/ms537343(VS.85).aspx) to satisfy the Internet Explorers.

Perhaps this variable in php.ini is mapping to an existing path

session.save_path = "c:/wrong/path"

Here is something that happened to me that might shed light for someone. My session wasn't working properly. IE 8 and Firefox were losing the session information.

I included a file. That included file had an extra carriage return after the trailing &ques?>

That carriage return started the session. I put session_start after the include. BOOM.