Jump to content
bpz

$_SESSION gets lost

Recommended Posts

Hi,

new forum look, cool haha!

Look, I'm trying to use Securimage capcha in a template. The SESSION vars that the capcha image sets get lost somewhere in processwire. The API page says that this superglobal is always available. Do you have any hints where $_SESSION may be reset?

Thanks ???

Share this post


Link to post
Share on other sites

Solved myself. PW stores session in its own directory ini_set("session.save_path", rtrim($config->paths->sessions, '/'));

I made the capcha use the same session path and it now works.

Share this post


Link to post
Share on other sites

Thanks for reporting back, glad you got this figured out. I was just going to reply that I had no idea :) because PW does not touch PHP's $_SESSION var, other than adding a key to it for PW's session data.

Share this post


Link to post
Share on other sites

I'm facing the same issue.

But, if I also want "Securimage" use the same session path as "Processwire", where do I put this code?

ini_set("session.save_path", "/home/www/****/site/assets/sessions");

And what else do I need to do exactly?

Thanks in advance

Share this post


Link to post
Share on other sites

It sounds like Securimage must try to set it's own session path? I don't know enough about Securimage to say where you'd place that, but the first place I would look is in any config/settings file that comes with that software. If there's nothing to be found there, perhaps you can just add the line to the top of its index.php or whatever php file initializes it. 

Share this post


Link to post
Share on other sites

I'm posting a solution to this for anyone who finds this topic through google:

There are two steps required to make Securimage work with ProcessWire:

1. Add this code to the top of securimage.php

ini_set("session.save_path", $_SERVER['DOCUMENT_ROOT'] . "/site/assets/sessions/");

Of course, the path may change depending on where your session path is.  This works for those of us with the default path.

2. Change public $session_name on line 382 from null to "wire".

This will ensure that Securimage will validate properly.

  • Like 1

Share this post


Link to post
Share on other sites

I've encountered the same issue with the latest version of Securimage and PW 3.0.61. I have Securimage woking without any issue on most of my other non-cms websites.

I've made the changes to the securimage.php as suggested by jamesmarshall. That has not worked. Are there other steps that need to be taken such as adding

Would it be possible for someone to share the steps taken to get Securimage working?

Any help would be appreciated.

Share this post


Link to post
Share on other sites

I think i may have a similar problem, i currently have two websites running on the same server but under different subdomains, i have user data that needs to persist across subdomains, i'm using PHP's $_SESSION variable to store the data on the non ProcessWire site, though when i attempt to access the variables in PW they don't show up.

I've got the ini_set('session.cookie_domain', '.example.com'); and i can see the PHPSESSID cookie does show up for both subdomains.

However in PW when i echo session_id() it displays the session id from the wire cookie. So i guess $_SESSION variable has been taken over by that?

Is there a way to still access the original $_SESSION variables from PHPSESSID ?

Any help on this would be great.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By fliwire
      Hi, after redirect to payment page processwire session lost because of samesite cookies changed default to "lax".

      https://web.dev/samesite-cookies-explained/

      tried to hook session::init but not works ?
      $wire->addHookBefore("Session::init", function (HookEvent $event) { ini_set('session.cookie_samesite', 'None'); session_set_cookie_params(['samesite' => 'None']); });

      set by htaccess works
       
      <ifmodule mod_headers.c> Header always edit Set-Cookie ^(.*)$ $1;SameSite=None;Secure </ifmodule>  
    • By derelektrischemoench
      Hi guys,
      I'm facing a somewhat strange issue here which I can't quite wrap my head around. 
      I have a PW site in development which runs on three machines simultaneously, one staging server which is accessible as a preview instance for my customer, my PC and my laptop. 
      I have three completely identical settings on each of the three machines (same apache version, same php version, same codebase, same database); however on my PC I am unable to log into the backend. I get no error message or anything, when I try to login; i just get redirected to the login  page. I have already enabled database driven sessions (I enabled them on my laptop, then I dumped the database and copied it to my pc); I have cleared the cache directory; I cleared the sessions in the database; I cleared my browser caches, I tried different browsers, all to no avail; I am unable to login when using my pc, the instances all have the same .htaccess.
      Is there something I'm missing here or does anyone have a clue as to what my issue here might be? I'm using processwire 3.0.123
      Thanks for any input, greetings
      derelektrischemoench
       
      //edit: I've noticed something interesting; despite the directories of my web folders being the same layout; when I open the admin page i get a 404 on the processwire/ resource in the networks panel of chrome; on my laptop I get a  200.... I guess this is where my problem is; but why?
       
       
    • By derelektrischemoench
      Hi guys,
      I'm facing a somewhat strange issue here which I can't quite wrap my head around. 
      I have a PW site in development which runs on three machines simultaneously, one staging server which is accessible as a preview instance for my customer, my PC and my laptop. 
      I have three completely identical settings on each of the three machines (same apache version, same php version, same codebase, same database); however on my PC I am unable to log into the backend. I get no error message or anything, when I try to login; i just get redirected to the login  page. I have already enabled database driven sessions (I enabled them on my laptop, then I dumped the database and copied it to my pc); I have cleared the cache directory; I cleared the sessions in the database; I cleared my browser caches, I tried different browsers, all to no avail; I am unable to login when using my pc, the instances all have the same .htaccess.
      Is there something I'm missing here or does anyone have a clue as to what my issue here might be? I'm using processwire 3.0.123
      Thanks for any input, greetings
      derelektrischemoench
       
       
    • By Peter Knight
      How do you guys handle large session tables when sessions are being recorded to the database?
      I notice one of my sites has a session table of over 14MB 
      Am I missing a way in the Admin or a module to auto-remove any sessions older than X days?
      Thanks
       
    • By helmut2509
      In my PW-Application there is currently no session timeout.
      I want to set the user session to 60 minutes which means that after 60 minutes of inactivity the user will be redirected to the homepage.
      so I added the following entry to my config.php:
      $config->sessionExpireSeconds = 120; (120 seconds is just for testing).
      But after five minutes of inactivity I am still logged in, there is no redirection.
      Is there anything wrong or did I miss something?
      In php.ini I have the entry:
      session.cookie_lifetime = 3600
×
×
  • Create New...