tags:

views:

32

answers:

1
+1  Q: 

Cannot change php session cookie name

I copied an existing and successfully running site to a new development server.

The login on the new server is now broken, and I tracked it down to the fact that although the session cookie is renamed ...

ini_set('session.name', 'DOMAIN1');

... the browser keeps storing the sesssion cookie as PHPSESSID.

When I remove the above line from the application on the new server, the login works again. But this is not a good solution, because another application also uses PHPSESSID under this name.

And I would prefer to find the reason for the strange behaviour instead of using a workaround. If I don't fix it it could bite me somewhere else.

Maybe this is already enough information for someone to give me a hint. If not, what information would be useful?

This machine was a very naked and basic ubuntu 8.04 server, and I installed apache2, mysql and php5 with aptitude. I also updated lokales and the timezone.

Solution:

I replaced the line above with this code from from the accepted answer ...

if(ini_set('session.name', 'DOMAIN1') === false || !session_name('DOMAIN1'))
{
    die('Unable to set sesssion scope');
}

... and the login now works on the new server.

+2  A: 

Sometimes ini_set plays up and is unable to set the ini values correctly, might be down to permissions.

the below does not fully resolve the issue with ini_set, and if anyone knows the reason(s) why ini_set does not work on some type's of host, then please share!

Try the following:

<?
if(ini_set('session.name', 'DOMAIN1') === false || !session_name('DOMAIN1'))
{
    die('Unable to set sesssion scope');
}

phpinfo();
?>

alternatively you can just use session_name() to set it, and ill always advise you not to just run functions and hope the always check the in an if statement and prepare for the worst case scenario, thats when your application becomes reliable and less error_prone.

RobertPitt  2010-10-23 20:32:48
No, ini_set() is not supposed to modify the INI file: see http://php.net/ini_set Otherwise it would be a big potential security breach.
mojuba  2010-10-23 20:40:12
Yea sorry, runtime only :)
RobertPitt  2010-10-23 20:42:41
Thank you, after hours of searching it finally works. I replaced the legacy code with the 4 lines from your example and that fixed it!
mit  2010-10-23 21:17:27

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases