7 Replies Latest reply on May 2, 2008 3:43 PM by (Jeremy_Smart)

    Login problem when using php.ini override

      Hi all,

      I cannot start sessions when I have a login page which sends the user to a page located in the same directory as a php.ini file. It tests the authentication on the target page and kicks the user to the login failure page. This has only recently started occurring on the newer sites I have built (all sites are on the same server). If I remove the user login restriction from success page it sends the user there, but doesn't start the session. It even fails when the php.ini file is completely empty.

      Could there have been a change to the includes files that are updated via the control panel in ADDT? I say this because some of my older sites (only a month or two ago) work fine when the php.ini file is in use.

      This is a strange one. Any help appreciated
        • 1. Re: Login problem when using php.ini override
          Günter Schenk Level 4
          Hi Jeremy,

          ----
          Could there have been a change to the includes files that are updated via the control panel in ADDT?
          ----

          Certainly not, as it´s still ADDT version 1.0.0.

          I wonder why a php.ini file is located in your site at all -- are you talking about a PHP configuration file, or are you talking about a page which just displays the PHP settings by using the function ?

          However, if it´s a PHP configuration file, it certainly shouldn´t be located in your public site at all.

          Cheers,
          Günter Schenk
          Adobe Community Expert, Dreamweaver
          • 2. Re: Login problem when using php.ini override
            Level 1
            It's a php.ini file.

            The server administrator advised that to use php.ini to override the server-wide upload_max_filesize I had to place a php.ini file in the same folder as the script which performs the file upload. This happens to be in the same folder as the success page following login.

            I noticed that when the login script executes it still adds a new session entry into the session history table in the db even though the success page doesn't recognise that a session has been created.

            By the way this behaviour is not consistent - some sites still run the login script correctly and others don't (in both cases with the php.ini file in the same folder as the secure pages.

            Thanks,

            Jeremy.
            • 3. Re: Login problem when using php.ini override
              Level 1
              Hi Günter,

              I've worked it out - somewhat.

              The login function works fine when there is a php.ini file located in the same directory as the restricted access pages so long as the login page is also located within that directory. It appears that as you move from the login page to the restricted pages within a new directory the php.ini file resets the sessions.

              If you start at the login page already in that directory the settings dont change between login and the restricted pages.

              There was one other error. Using the "show thumnail in pop-up" function on a page within a directory where there was a custom php.ini file was causing an "internal error.session exired"

              Any thoughts. Jeremy.
              • 4. Re: Login problem when using php.ini override
                Günter Schenk Level 4
                Hi Jeremy,

                I personally have never experienced this - but I never had to deal with a hosting provider which tells me to throw php.ini files into public directories rather than allowing customers to add the required "override" directives to standard . htaccess files.

                Please check with them if they´d rather allow using the .htaccess method which always plays nice with ADDT, as this one clearly isn´t capable to tackle the Sessions.

                Cheers,
                Günter Schenk
                Adobe Community Expert, Dreamweaver
                • 5. Re: Login problem when using php.ini override
                  Level 1
                  I'll check with them.

                  The problem is that I use the php.ini files to override the server setting for upload_max_filesize which I understand cannot be done from the .htaccess file.

                  Is there another way to do this?

                  I've tried adding:

                  php_value upload_max_filesize 30M

                  to the .htaccess file but I get a 500 Internal Server Error.

                  Thanks,

                  Jeremy.
                  • 6. Re: Login problem when using php.ini override
                    Günter Schenk Level 4
                    Hi Jeremy,

                    -----
                    I've tried adding:

                    php_value upload_max_filesize 30M

                    to the .htaccess file but I get a 500 Internal Server Error
                    -----

                    Seems like using .htaccess files has been deactivated by your host.

                    Please try with adding...



                    ...on line 1 of the script which needs that, and see if that works -- if even this doesn´t work, I fear I can´t provide any other suggestion than transferring your site to a hosting provider which handles stuff the standard way and doesn´t force you to use such odd workarounds, which I have never heard of.

                    Sorry, needed to get that off my chest, but some hosting companies out there are really strange :-)

                    -----
                    The problem is that I use the php.ini files to override the server setting
                    -----

                    I suspect (can be wrong though) that the php.ini file placed in whatever directory will start "from scratch" everytime a document in that folder is "triggered", and that´s why the session of page A are getting destroyed on page B

                    Cheers,
                    Günter Schenk
                    Adobe Community Expert, Dreamweaver
                    • 7. Re: Login problem when using php.ini override
                      Level 1
                      Hi Günter,

                      I suspect that you are right about that as when I place page A and B within the same directory it works fine - but not an ideal fix.

                      Unfortunately you cant use ini_set for changing upload_max_filesize so I will have to push the hosting provider to be more flexible on the .htaccess overrides.

                      I like the idea of being able to change providers but as a reseller it can become prohibitive when you have dozens of sites hosted with them - the prospect of moving them all - arrgghh...:(

                      Thanks for you prompt response.

                      Jeremy.