I think it's a permissions issue on /tmp but I can't seem to find a solution.
I'm using PHP to create a registration and login page; I can see that when the user logs in, the session data is passed to the /tmp folder, but when they are redirected to the home/index page, the session data is returned NULL .
I use the following to verify that the correct path has permissions:
<?php var_dump($_SESSION); if (!is_writable(session_save_path())) { echo 'Session path "'.session_save_path().'" is not writable for PHP!'; } else { echo 'Session path "'.session_save_path().'" is writable for PHP!'; } ?>
I ended up with:
NULL Session path "/var/lib/php/sessions" is writable for PHP!
Checking the folder, I can see the session data is saved to /tmp, so it's definitely writable.
So my best guess is that start_session() has permission to write to /tmp, but not read? But that doesn't make any sense to me.
Checking the permissions in var/lib/php/sessions I got (example):
drwx-wx-wt 2 root root 151552 Dec 22 05:09
Change the permissions of the folder to:
-rw-rw-rw-
Cause any security or other functional issues?