Problem with sessions after ISP moved my site to new server

Question

Hello,

I'm having some sessions problems after my ISP moved my site to a new server, supposedly setup the same. The problem appears to be browser-specific as well, which I don't quite understand.

First, my site uses sessions to login, this has been broken since they moved the site.

My ISP has set up a test page at http://launchcomplex.com/loggedin_test1.php. When I hit this page in IE 6 (where it sets some session vars) and then hit the "header redirect" button, sessions seem to work fine. If I try it in Firefox/Opera, I get a new session id on the redirected page. My ISP reports sessions are working for IE as well, though I imagine they're using IE7 or perhaps even 8.

Everything was working fine on my site before my ISP moved it and while they've been very helpful in responding, they're at a loss as to why it's broken. A couple of other of my sites with them were broken along with the move, but they have been resolved by server tweaks...Does anyone have any ideas what's going on?

Answer 1

When they moved servers, did they move to a clustered configuration? Meaning when I hit your web page, am I always requesting content from the same physical server, or could be be any of a cluster of servers?

If the latter, that is your problem. Sessions are by default file-based, and thus are not scalable to multiple servers.

One solution is to use session_set_save_handler() to write your own session manager. Usually you would use a database to read/write session data using this method.

Answer 2

You're redirecting from "launchcomplex.com" to "www.launchcomplex.com"

If you set session.cookie_domain it should work - see session_set_cookie_params()

Cookie domain, for example 'www.php.net'. To make cookies visible on all subdomains then the domain must be prefixed with a dot like '.php.net'.