[nycphp-talk] Session problem on virtual host?
Mark Armendariz
nyphp at enobrev.com
Wed Jan 19 19:25:21 EST 2005
On shared servers, I generally try to avoid using the server's global tmp
folder and instead use a 'local' one.
In your php.ini, htaccess or ini_set() you can do that with the following
vars:
# for file upload temp files
upload_tmp_dir = '/path/to/a/local/hidden/tmp/folder/'
# for sessions on your site
session.save_path = '/path/to/a/local/hidden/tmp/folder/'
On a few servers I've worked on you usually get access to a folder just
'above' the public_html folder:
/home/username/public_html/
/home/username/tmp/ <-- great place for a local tmp folder
And here's some info about setting those values properly:
http://education.nyphp.org/phundamentals/PH_ini.php?expiredate=2/16/2004
This is also more secure (as long as the shared host is jailed / sandboxed
somehow), as your sessions and upload temp files aren't sitting in some
shared folder that everyone on the server has access to.
On a side note, anyone here use pair.com? I just ran into something very
disturbing on their shared servers that I'd like to tell you about off-list.
Mark
> -----Original Message-----
> From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]
> On Behalf Of Stephen Musgrave
> Sent: Wednesday, January 19, 2005 7:05 PM
> To: talk at lists.nyphp.org
> Subject: [nycphp-talk] Session problem on virtual host?
>
> List -
>
> I am having a problem with a content management system that I wrote
> running on a Speakeasy shared host. I use session to store variables
> to maintain state such as the primary key ID for a content row I am
> updating.
>
> For the most part, this works really well, but from time to time
> something goes wrong and it feels like the session gets wiped out or a
> formerly used primary key ID reappears into the session, overwriting
> the current primary key ID and causes me to overwrite that record in
> the database.
>
> I haven't actually witnessed this occurrence, as it happens only about
> 5 percent of the time, according to the person who is reporting it.
>
> I think I have read somewhere in passing that if shared hosts are not
> setup properly, sessions from other virtual domains can conflict or
> that session is flaky altogether.
>
> I have reason to suspect that the server isn't setup properly because
> when I use $_SERVER['DOCUMENT_ROOT'], it points to a directory that is
> somewhere else in the file system. Somebody told me that this is
> because they are cheating and using symbolic links. I'm not a server
> guy and I haven't been able to get a straight answer from the hosting
> provider support staff.
>
> I should note that this CMS has run on at least 5 other shared hosting
> environments and it has been a problem.
>
> Thanks,
>
> Stephen
>
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org
More information about the talk
mailing list