I've been having problems with sessions for some days now in my production environment
I've already tried to find the solution in tons and tons of answers here in stack overflow, but none seem to work for me
Side notes:
I'm using PHP 5.4 (I was using 5.6 before and downgraded hoping it would solve my problem) and this is my PHP.ini:
session.save_path = "/tmp"
session.cookie_secure = 1
session.use_cookies = 1
session.use_only_cookies = 1
session.name = PHPSESSID
session.entropy_length = 32
session.cache_limiter = nocache
session.cache_expire = 180
session.hash_function = sha256
And this is the basic structure of my authentication page:
session_start();
... // after connection with the database I retrieve id and name
$_SESSION['id_logado'] = $user_id;
$_SESSION['nome_logado'] = $user_name;
I've already double checked every line of code in every page. There is no variable name $id_logado so it should not interfere with that. Cache is probably not the problem because I have headers to avoid caching just after session_start. I've contacted bluehost to ask for help and of course they have no idea and are blaming myself.
I found a solution.
After further investation I noticed that the /tmp folder had only one session file, with a big size. For some reason sessions were not being saved to new files and were being 'added' to the same one.
Solution: I've created a new folder inside my home drive and granted 777 permissions. Updated my php.ini file to use that folder instead of /tmp and now I have tons of sessions being properly generated.