nginx / php / php-fpm | Problem with storing cookies

php session cookies nginx
12,637

Solution 1

May be some usefull information can be found in PHP-fpm error log? Set parameters in php.ini

error_reporting = E_ALL & ~E_DEPRECATED
log_errors = On
error_log = ;

some file php can write in or "syslog"

Also try to look in nginx error log.

Does PHP-fpm process-owner has write permissions to sessions dir? See session.save_path on php.ini for session dir

Solution 2

The various session cookie parameters are all documented here.

In particular, check the "session.use_cookies", "session.use_only_cookies", and "session.trans_sid" settings. If PHP can't succesfully create a cookie, it'll fall back to the trans_sid method (which is what you're seeeing: the session ID being passed around as a query/form variable).

You can trivially check if any cookie-related headers are going out by using Firebug and HTTPFox in Firefox. Both let you view the incoming/outgoing headers for requests.

Solution 3

See if your session_path is correct and has the right permissions. That fixed my problem.

Share:
12,637
Admin
Author by

Admin

Updated on June 04, 2022

Comments

  • Admin
    Admin almost 2 years

    Greetings.

    I am right now in the middle of reinstalling my whole dedicated server. I went with

    -Ubuntu Server 10.10

    -PHP 5.3.3.1

    -php-fpm

    -nginx

    Now, almost everything seems to work, though there remains one problem with the sessions. No matter what I do, the sessions doesn't seem to store themselves properly (and they did on the previous setup).

    The base application is phpBB board. When I login, it's okay - though it appends additional SID parameter to all of the URLs.

    forum/index.php?sid=f506ccd42065322f61cb56fc6df6557a

    You can navigate around the forums without problem, though if you delete the SID parameter, you get logged out. I thought, that perhaps the sessions aren't stored in cookies, but in URLs, but php configuration seems fine.

    The same occurs with phpMyAdmin - I also get logged out, when I delete the token parameter.

    In the meantime, it seems the cookies are getting created anyway, it's like they aren't used, or are getting deleted immediately.

    I am getting more and more frustrated with that, maybe someone has an idea on how to troubleshoot that? I will post any configuration files necessary.

    I thought maybe it's the problem with suhosin (it wasn't installed on the previous setup), but I have no clue. The PHP config is out-of-the box atm, I only modified nginx config.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

PHPSESSID not being saved to cookie
Difference between setcookie() and session_set_cookie_params() functions
how do i stop multiple user login with same email and password once user already logged
How to reuse php curl response cookie and bypass login steps on the script's subsequent executions?
PHP session_start error (no such file or directory found)
create a simple PHP login / logout system
PHP: How to store session in cookie
Guzzle cookies handling
how can i extend the cookie expiration time in php everytime i i regenerate the session id?
Share a SESSION across multiple servers with different domains