PHP sessions are not stored in set session.save_path directory - directory IS writable

Question

Hello,

I’m running PHP 7, apache on Ubuntu 16.04.

My issue is that my SESSIONs are set to null on page refresh after I deployed my site to DigitalOcean.

This problem does not occur on my local environment (XAMPP with Apache).

I have set a save_path which is also writable. I am checking if it is writable with

if (is_writable(session_save_path())) {
 echo "Yes";
}

and the above echo’s Yes on my site.

The directory permissions to the save_path directory are also set to 777.

To explain exactly what happens:

I login to my site (simple login written in php) which redirects me to the site admin page. There I var_dump the SESSION[‘user_id’]. So far so good. The user_id is shown on admin page. But, after that, if i try to reload the page/go to another page the SESSION is set to null and since I control access to the admin based on whether or not a session is set, the application(my site) redirects me back to the main index page. This does not happen on local environment - there everything works fine and code/scripts are the same.

When I check the save_path directory no files have been stored (on live server/digitalocean). I have tried other directories as well, such as /tmp.

My session.save_handler is set to files.

Does anyone know how to fix this issue? Or can guide me. I’m a bit lost.

Thanks in advance, Kubilay.

Ebizz Infotech · Answer

Hey we went through the post. Our php development services can help you get the solution. Please contact us.

KFSys · Answer

It sounds like you’re encountering a common issue related to PHP sessions when moving from a local development environment to a production server. Since you’ve already verified that your session save path is writable, we can rule out permissions issues as the root cause. Here are some steps you can follow to troubleshoot and hopefully resolve this issue:

1. Verify PHP Session Configuration

First, ensure that your session configurations are correct and consistent between your local and production environments.

Check PHP.ini Settings: Compare the php.ini settings related to sessions on your local machine and your DigitalOcean server. Pay particular attention to session.save_path, session.auto_start, session.gc_probability, session.gc_divisor, and session.cookie_lifetime.
Session Handling: Since no files are being created in the session save path on your DigitalOcean server, verify the path again by creating a small script that outputs phpinfo() and check the session parameters.

<?php
phpinfo();
?>

2. Check for Session ID Consistency

The session ID might not be persisting across page requests:

Inspect Cookies: Use browser developer tools to check if the session cookie is set and whether it persists across requests. Look for the cookie named PHPSESSID.
Cookie Parameters: Check the parameters with which the session cookie is set. Make sure the cookie domain and path are correct in your production environment.

session_get_cookie_params();

3. Server-Specific Configuration

Sometimes server-specific configurations or other services can interfere with session handling:

Server Time: Ensure the server time is correct. Incorrect server time can cause sessions to expire prematurely.
Temporary Files Cleanup: On some servers, the temp directory (/tmp) is cleaned periodically which can delete active session files. Since you mentioned that session files aren’t being created at all, this is less likely the issue but worth checking.

4. Test Session Saving Manually

To further diagnose, try manually saving data to the session file directory:

Write Test: Use a simple PHP script to write and read files to the configured session directory to confirm that file handling is working as expected outside of the session mechanism.

file_put_contents(session_save_path() . '/testfile.txt', 'Test');
echo file_get_contents(session_save_path() . '/testfile.txt');

5. Debugging and Logging

Add error logging around your session handling code to capture any warnings or errors that occur during session start or usage:

Enable Error Reporting:

ini_set('display_errors', 1);
error_reporting(E_ALL);

Session Start: Check if there’s any issue during session_start() and log it.

if (!session_start()) {
  error_log("Session start failed");
} else {
  error_log("Session started successfully");
}

. Update/Upgrade Considerations

Ubuntu 16.04 and PHP 7 might have specific bugs or issues:

Software Updates: Consider updating PHP and Apache to the latest versions supported by Ubuntu 16.04, or even better, consider upgrading to a more recent LTS version of Ubuntu if possible.