PHP :: Bug #27403 :: session maintenance across SSL and Non SSL pages

Bug #27403	session maintenance across SSL and Non SSL pages
Submitted:	2004-02-26 07:09 UTC	Modified:	2004-02-28 00:37 UTC
From:	venky at smartxp dot com	Assigned:
Status:	Not a bug	Package:	Session related
PHP Version:	4.3.4	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	venky at smartxp dot com
New email:
PHP Version:		OS:

New Comment:

[2004-02-26 07:09 UTC] venky at smartxp dot com

Description:
------------
When i access through

http://mydomain/start.php

it creates a session file and start session.


Again when i  access same file in same browser through SSL

https://mydomain/start.php

Warning: session_start(): open(/tmp/sess_5e99b05aa4e84d8304778ab34ae8e68a, O_RDWR) failed: Permission denied (13) in /home/www/hollywoodclicks/index.php on line 1

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/www/hollywoodclicks/index.php:1) in /home/www/hollywoodclicks/index.php on line 1


Reproduce code:
---------------
start.php
<?
session_start();
?>




Expected result:
----------------
When i access through

http://mydomain/start.php

it creates a session file and start session.


Again when i  access same file in same browser through SSL

https://mydomain/start.php

Warning: session_start(): open(/tmp/sess_5e99b05aa4e84d8304778ab34ae8e68a, O_RDWR) failed: Permission denied (13) in /home/www/hollywoodclicks/index.php on line 1

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/www/hollywoodclicks/index.php:1) in /home/www/hollywoodclicks/index.php on line 1


Actual result:
--------------
It should maintain maitain the same session across SSL and Non SSL pages

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2004-02-26 07:14 UTC] sniper@php.net

Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions. 

Thank you for your interest in PHP.

You're doing something wrong, this works absolutely fine when a) script is correct
b) configuration is correct.

[2004-02-26 07:57 UTC] venky at smartxp dot com

I am doing this on online server. In same page  with same session id it is unable to open the session file and if i see on the server the session file created is with read and write permissions to the root user only.


SO the error unable to open is coming how to set the whole file permissions for  the session file.

[2004-02-28 00:37 UTC] venky at smartxp dot com

I feel sorry that I thought PHP was not working properly with SSL. But the reason this was happening is:

When I go to SSL page from Non SSL page then the user name in server is getting changed so the session file created in the temp is owned by SSL user name in SSL page and when in non SSL page user is different so PHP is unable to access the session file.

We have solved this problem making the user name same for SSL and Non SSl page.

Sorry for my poor english.

Thanks

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sun Nov 30 15:00:01 2025 UTC