PHP 5 warning session

Discussion in 'Installation/Configuration' started by Gimly, Jul 9, 2009.

  1. Gimly

    Gimly Member

    Hi All,

    I've problem with session, in php script i've this warning :

    If script uses session for login on private party, the session are not save and user are reject ...

    What is the correct path to work with ispconfig ?

    Thank you :)

    PS : warning are present in fcgi and suphp
    Last edited: Jul 9, 2009
  2. sirrus

    sirrus New Member HowtoForge Supporter

    You should post some more informations. What URL did you try? Which version of ISPConfig? Please provide the output of

    ls -la /var/lib/php5
  3. Gimly

    Gimly Member

    The problem exist for over 300 website ...

    Last stable (you can see it on my signature ...)

    ns1:~# ls -al /var/lib/php5/
    total 8
    drwx-wx-wt  2 root root 4096 jui  9 20:39 .
    drwxr-xr-x 28 root root 4096 jun 30 22:08 ..
  4. sirrus

    sirrus New Member HowtoForge Supporter

    Maybe your config files are wrong. This could be caused by a template.

    The single config files under /etc/apache2/sites-enabled/* should habe a line like this:

    php_admin_value session.save_path /var/www/clients/client1/web1/tmp
    If this is not the case please edit /usr/local/ispconfig/server/conf/vhost.conf.master to represent this (only a snippet - the file should be several lines long):

    <tmpl_if name='php' op='==' value='mod'>
        # mod_php enabled
        AddType application/x-httpd-php .php .php3 .php4 .php5
            php_admin_value sendmail_path "/usr/sbin/sendmail -t -i [email protected]<tmpl_var name='domain'>" 
        php_admin_value upload_tmp_dir <tmpl_var name='document_root'>/tmp
        php_admin_value session.save_path <tmpl_var name='document_root'>/tmp
        php_admin_value open_basedir <tmpl_var name='document_root'>:/usr/share/php5
  5. Gimly

    Gimly Member

    I add this value php_admin_value session.save_path <tmpl_var name='document_root'>/tmp
    to suphp and cgi, now I test.

    I'll become later to confirm the solution :)
  6. Gimly

    Gimly Member

  7. sirrus

    sirrus New Member HowtoForge Supporter

    ISPConfig needs to be modified in
    but this should be a fcgi handled domain. Therefor you should modify

    And the issue with SSL is caused by your certificate. You need to create a new certificate - this can be selfsigned as it is now. I suggest to buy a "real" certificate for this domain.
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Just close all browser windows so that you get a new session for ISPConfig. This error is normal if you use e.g. fcgi while you had mod_php used before in ispconfig as the session file is owned by a different user then and the session file gets deleted when you close all browser windows.
  9. Gimly

    Gimly Member

    Thank you for your precision Till :)

Share This Page