My host provider upgraded from PHP 5.6 to PHP 7.2 and I've noticed that session variables are lost after page reload. I've rewritten the question based on the ongoing testing to provide relevant information.
Basically, I store search keys, number of rows per page and other data in session variables and they are defined when you are redirection to pagination. However, when I click on any pagination links - session variables lose their values, in simple words - once on pagination.php sessions stop working. It is possible to go to the pagination.php either by clicking on a category link (href) or by entering a search term and submitting a form.
Here are the relevant parts of the code, e.g. search form on home page :
session_start();
//ini_set('session.save_path', '/tmp');
//phpinfo();
//echo "path" . session_save_path();
//if (!session_start()) echo "Session not started";
echo "header session status= " . session_status();
echo "header session_id= " . session_id();
unset($_SESSION['zip']);
unset($_SESSION['keywords']);
unset($_SESSION['key1']);
unset($_SESSION['key2']);
?>
<div id="searchBox">
<form action="<?php echo $forsaleurl;?>customer/pagination.php" method="post" class="searchform">
<input name="searchstring" class="textbox" type="text" placeholder="search string" value="" required/>
<input name="postcode" class="textbox" type="text" placeholder="postcode (optional)" value=""/>
<input name="submit" class="submit" value="Search" type="submit" />
</form>
</div>
When site is loaded, the session_status=2 and session_id has a value.
This is the start of pagination.php that creates and displays page links:
<?php
include '../config.php';
if ($DEBUG > 0)
{
error_reporting(E_ALL); ini_set('display_errors', 'On');
}
echo "page session status= " . session_status();
echo "page session_id" . session_id();
This will echo session_status=1 and blank session_id however you get here.
This is the first part of config.php that starts the session:
<?php
ob_start();
error_reporting(E_ERROR); ini_set('display_errors', 'On');
//ini_set('session.save_path', '/tmp');
//phpinfo();
echo "path" . session_save_path();
if (!session_id()) session_start();
print_r($_SESSION);
//session_start();
echo session_status();
echo "session_id" . session_id();
This will show session_status, session_id and session variables on site load but not after you get to the pagination.
I tried using relative URL in form action but it did not make a difference.
Session files contain either redirects to / or to index.php or to the links I HAVE NOT visited (???).
Site URL is https://themarket.onl.
Has anyone experienced this issue after upgrade? The site has been fully working prior to that and no changes were made to the code.
Here is a partial dump of phpinfo() , not sure if session.save_path should not be blank, but it seems to work and local php.ini fails to change the value.
Session Support enabled
Registered save handlers files user
Registered serializer handlers php_serialize php php_binary wddx
Directive Local Value Master Value
session.auto_start Off Off
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_httponly no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure 0 0
session.gc_divisor 1000 1000
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.lazy_write On On
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path no value no value
session.serialize_handler php php
session.sid_bits_per_character 4 4
session.sid_length 32 32
session.upload_progress.cleanup On On
session.upload_progress.enabled On On
session.upload_progress.freq 1% 1%
session.upload_progress.min_freq 1 1
session.upload_progress.name PHP_SESSION_UPLOAD_PROGRESS PHP_SESSION_UPLOAD_PROGRESS
session.upload_progress.prefix upload_progress_ upload_progress_
session.use_cookies 1 1
session.use_only_cookies 1 1
session.use_strict_mode 0 0
session.use_trans_sid 0 0
/tmp has drwxr-xr-x permissions.
To use cookie-based sessions, session_start() must be called before outputting anything to the browser, this includes any HTML. Even using error reporting as you are here; or ANYTHING that gets displayed in the browser; yes even echo 'Hi'; or a blank space; or a BOM before the <?php, requires that headers be sent (to display that message or blank). Headers can only be sent to the browser ONCE, so session_start() can't do its thing. (This answer courtesy of my blank-white-screen-of-death error reporting hell for the past day.)