session_register
After a lot of searches, tests and pain, the only one that worked for me was this:
session_save_path(realpath(dirname($_SERVER['DOCUMENT_ROOT']) . '/../session'));
session_save_path
(PHP 4, PHP 5)
session_save_path — 현재 세션 저장 경로를 얻거나 설정
설명
string session_save_path
([ string $path
] )
session_save_path()는 세션 데이터를 저장하는 현재 디렉토리 경로를 반환합니다.
인수
- path
-
세션 데이터 경로. 지정하면, 데이터를 저장하는 경로가 변경됩니다. 이를 위해서는 session_start() 전에 session_save_path()를 호출해야 합니다.
Note:
몇몇 OS에서, 수많은 작은 파일을 효율적으로 다루는 파일시스템 경로로 지정할 수 있습니다. 예를 들어, 리눅스에서 reiserfs는 ext2fs보다 좋은 성능을 제공합니다.
반환값
데이터 저장에 사용하는 현재 디렉토리 경로를 반환합니다.
add a note
User Contributed Notes
session_save_path
branislav dot ristic at gmail dot com
01-Jun-2010 03:28
alvaro at demogracia dot com
26-May-2010 03:42
Debian does not use the default garbage collector for sessions. Instead, it sets session.gc_probability to zero and it runs a cron job to clean up old session data in the default directory.
As a result, if your site sets a custom location with session_save_path() you also need to set a value for session.gc_probability, e.g.:
<?php
session_save_path('/home/example.com/sessions');
ini_set('session.gc_probability', 1);
?>
Otherwise, old files in '/home/example.com/sessions' will never get removed!
Matthias H. (DE)
14-Mar-2010 03:40
Under PHP for Windows, you can improve the speed, when you store all session-files on ramdisk. A freeware-ramdisk you can download by http://www.techsnack.net/gavotte-ramdisk-free-virtual-hardisk .
A other alternativ is store you session-datas to apc-user-cache (see php-apc-extension).
TK
22-Feb-2010 05:29
After a search for the cause of a issue causing users to have to login twice, I've found a call to session_save_path() was the culprit.
What was happening was: the session save path was set, a session was opened, some variables were set and the session was closed. This was resulting in an empty file in the specified session save path and of course no session data on the next page load. Oddly, on the second attempt the data was saved as expected.
I found that removing the call to session_save_path() resolved the issue. My final solution was to replace the call to session_save_path($path) with an equivalent call to ini_set('session.save_path', $path).
sampathperera at hotmail dot com - Sri Lanka
05-Feb-2008 11:25
Session on clustered web servers !
We had problem in PHP session handling with 2 web server cluster. Problem was one servers session data was not available in other server.
So I made a simple configuration in both server php.ini file. Changed session.save_path default value to shared folder on both servers (/mnt/session/).
It works for me. :)
gt at psgam dot de
25-Feb-2005 05:58
Note that you shouldn't use session_save_path() directly for performing file operations.
It returns the configuration option, not the directory.
As stated in /manual/en/ref.session.php#ini.session.save-path there can be a numeric argument separated with a semicolon in front of the "real" path.
I used the following code to get rid of it:
<?php
$sessionpath = session_save_path();
if (strpos ($sessionpath, ";") !== FALSE)
$sessionpath = substr ($sessionpath, strpos ($sessionpath, ";")+1);
?>
Doesn't allow ; to appear in the directory names, but hey.
Regards,
Gero
designofgod at yahoo dot com
14-Feb-2005 06:12
sometime you need to change session.save_path because server system distributed more then one machine and you can not reach php.ini file example sourceforge.net. Then you can do that with .htaccess file which is kind of configuration file for Apache under one directory. anyway I added
php_value session.save_path /home/groups/f/f4/f4l/tmp/
now my sessions work very well I hope :)
webmaster at gardenchemicals dot co dot uk
16-Sep-2004 07:59
This is an absolute must if you have an important login on a shared server. Without it, other users of the server can do the following to bypass login:
* Visit login page, browse through cookies and grab the session id.
* Create a PHP script on their account that grabs and sets session variables for a given session id.
* Read and change any values for that session id (for example passwords or session keys), and therefore gain access to the protected area.
All users on web hosting should choose an dir below the HTTP directory struct, but within their user area to store the session files.
a9504778 at unet dot univie dot ac dot at
14-Jan-2001 03:09
dont forget: if you use session_save_path on the page, that registers a variable, you have also to use session_save_path on all the pages, where you access the session-variable. under win32 you can use the double \\ to specify eg "c:\\temp\\"