Okay, so it appears as thought sessions are working, but they may not be.
A test you can do is to sign in and go to your profile page. Refresh the page and see if it marks your logins up by 1. If it does, then it is re-authenticating your cookies and your sessions aren't actually working properly.
just off the top of my head, since noone asked where is your cookie path set to? sign into the forum and then go to settings -- Application Settings and then near the bottom make sure the cookie path is / and not something like /forum/
think i already mentioned this with vanilla 1.0 (dont know if this is still the case with 1.0.1)
COOKIE_DOMAIN and COOKIE_PATH (as set in application settings) are only written with the 'remember' cookie, but not with the PHPSESSID cookie (as there is no session_set_cookie_params call befor session_start)... should not the PHPSESSID also be set according to cookie path and domain or do i get this wrong and as Max_B already mentioned there is no session_name call, that means vanilla session name is the default PHPSESSID
@Mark: visits does not increment when refreshing the account page.
COOKIE_DOMAIN is set to http://www.mydomain.com (only it's the real URL)
COOKIE_PATH is set to "/"
Any more suggestions? If I can't figure this out, I guess I'll just force everyone who signs in to use cookies (hide the remember me checkbox).... unless someone else has any ideas on how to remedy this problem?
Falling back to an elementary question: is the PHP session functionality enabled? Check your phpinfo(). Are you able, in a test script, to save and retrieve a $_SESSION[] variable?
@Max: Yes, sessions are enabled. I've built several web apps that rely solely on their existence. Vanilla, however, is either not properly registering them or has hidden them so thoroughly that I'll never be able to find them.
echo $_SESSION[$_COOKIE['PHPSESSID']]; Which, of course, does nothing.
I have no problem accessing the PHPSESSID, so I doubt passing it via the query string would make much of a difference. I've never been so frustrated with a script before. I know the session is out there, but for whatever reason, my server refuses to show it to me. I'm just going to push cookies, and go from there.
well, i meant that maybe you could 'jump start' the session handler by passing "&PHPSESSID=".$_COOKIE['PHPSESSID'] to the script. the session handler in PHP is supposed to start itself automatically if the PHPSESSID query string variable exists. (it's also supposed to do that if the cookie exists, but obvously that's not working)
I guess the culprit should be something obvious we didn't check and we are now looking too far. I have no problem here to acces Vanilla session variable from an external script.
I'd like to mention that on my own test server, the cookie DOMAIN is left empty and default to localhost.local (Mac OS X Server). Unless you are running a DNS server for you domain pointing back to your test server (and reverse IP ok), I'd advice to set left it empty too. At least to test sorting this out.
@bjork24: as you say you can access the PHPSESSID, does it change on every page call? if you get an empty $_SESSION array, are cookies turned on and are you really loged in (sorry to ask you that stupid, but it happens to me something that i turn off cookies for testing...)
Sorry, I was out of town for a few days... no news does not mean good news in this case. The DOMAIN / PATH emptying (as noted above) did not work. I'm really at a lose on this one. I think I'm going to force cookie login and go from there. If I ever crack the session mystery, I'll code it in.
Comments
A test you can do is to sign in and go to your profile page. Refresh the page and see if it marks your logins up by 1. If it does, then it is re-authenticating your cookies and your sessions aren't actually working properly.
COOKIE_DOMAIN and COOKIE_PATH (as set in application settings) are only written with the 'remember' cookie, but not with the PHPSESSID cookie (as there is no session_set_cookie_params call befor session_start)... should not the PHPSESSID also be set according to cookie path and domain or do i get this wrong
and as Max_B already mentioned there is no session_name call, that means vanilla session name is the default PHPSESSID
Are you able, in a test script, to save and retrieve a $_SESSION[] variable?
i know this is probably not going to change anything, but have you tried passing the PHPSESSID to the script in the query string?
echo $_SESSION[$_COOKIE['PHPSESSID']];Which, of course, does nothing.
I have no problem accessing the PHPSESSID, so I doubt passing it via the query string would make much of a difference. I've never been so frustrated with a script before. I know the session is out there, but for whatever reason, my server refuses to show it to me. I'm just going to push cookies, and go from there.
I have no problem here to acces Vanilla session variable from an external script.
I'd like to mention that on my own test server, the cookie DOMAIN is left empty and default to localhost.local (Mac OS X Server). Unless you are running a DNS server for you domain pointing back to your test server (and reverse IP ok), I'd advice to set left it empty too. At least to test sorting this out.
as you say you can access the PHPSESSID, does it change on every page call?
if you get an empty $_SESSION array, are cookies turned on and are you really loged in (sorry to ask you that stupid, but it happens to me something that i turn off cookies for testing...)
Bjork24, did you sort this out?
Context->Session->UserID
Or am I barking up the wrong tree?
Posted: Monday, 10 September 2007 at 7:57AM