Results 1 to 5 of 5

Thread: PHP Warning

  1. #1

    PHP Warning

    Hello,

    I'm hoping someone here can recommend a fix for an error occuring since a recent server move. One minute someone is merrily cruising around the website with no problems, the next minute they are unceremoniously booted to the landing page with a session error message across the top of their screen. Then they can't log back in until they clean their cookie cache. There seems to be no pattern to when this error shows in the logs.. sometimes hours between errors.. sometimes just seconds. The error from the logs is posted below, and the page referred to in the error is posted below that. Any suggestions very greatly appreciated.

    Errors in log:

    [Sat Dec 3 06:04:37 2005] [error] PHP Warning: session_start(): open(/home/democrat/tmp/sessions/sess_04a71628c63863f2ff9f3235f682beab, O_RDWR) failed: Permission denied (13) in /home/democrat/public_html/includes/init.inc.php on line 31
    [Sat Dec 3 06:02:36 2005] [error] PHP Warning: session_write_close(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/home/democrat/tmp/sessions) in /home/democrat/public_html/includes/footer.tpl.php on line 55


    And this is the page the error referrs to (init.inc.php) :

    <?php
    //ini_set('error_reporting','E_ERROR');
    require_once ('browser.lib.php');
    require_once ('xainf.lib.php' );
    if ( ereg("MSIE", $HTTP_USER_AGENT) )
    $BROWSER_MSIE = true;

    session_save_path("/home/democrat/tmp/sessions"); //be sure change below too if necessary
    //set the proper cookie domain with a decent lifetime
    if (strstr($_SERVER[HTTP_HOST],"www")) {
    $cookie_dom=substr($_SERVER[HTTP_HOST],strpos($_SERVER[HTTP_HOST],"."));
    } else {
    $cookie_dom=".".$_SERVER[HTTP_HOST];
    }
    session_set_cookie_params(60 * 60 * 24 * 365.25 * 7,'/',$cookie_dom); //7 years

    //ensure session files aren't removed prematurely -- 2 hours should be sufficient
    //remember that there is an inactivity check in this code below at 1 hour
    ini_set("session.gc_maxlifetime", 60 * 60 * 2);
    session_cache_expire(60 * 60 * 2);
    ini_set("session.cache_expire", 60 * 60 * 2);
    ini_set("session.gc_probability", 1);
    ini_set("session.gc_divisor", 100); // 1/100 page views will trigger garbage cleanup

    //lets get this show on the road...
    session_start();

    //log proxy addresses for future reference
    if ((isset($_SESSION['myip']) && $_SESSION['myip'] != $_SERVER['REMOTE_ADDR'])) {
    mysql_query("INSERT INTO proxy_addresses SET ip='$_SERVER[REMOTE_ADDR]', hostname='".gethostbyaddr($_SERVER[REMOTE_ADDR])."'");
    mysql_query("INSERT INTO proxy_addresses SET ip='$_SESSION[myip]', hostname='".gethostbyaddr($_SESSION[myip])."'");
    }
    $_SESSION['myip'] = $_SERVER['REMOTE_ADDR'];


    $defined = session_is_registered( "pictSize" );
    session_register( "pictSize", "hideTracks", "backgroundImage", "pageNameArray", "pageArray", "RichTextEnabled", "oldPageName", "s_id", "ses", "session", "shoppingFor", "itemSelected", "valValId", "hideForMe", "hideFromMe" );
    if( !$defined )
    {
    $pictSize = "small";
    $hideTracks = 0;
    //$backgroundImage = "lineBackground.gif";
    $pageNameArray[0] = "nothing";
    $pageArray[0] = "nothing";
    $oldPageName = "nothing";
    $session = "";
    $RichTextEnabled = 1;
    $s_id = "";
    $ses = "";
    $shoppingFor = "";
    $itemSelected = "";
    $valValId="";
    $hideForMe="";
    $hideFromMe="";
    }

    if( $valValId != "" && $HTTP_SERVER_VARS["SCRIPT_NAME"] != "/sendGift.php" )
    {
    sqlExecute( "INSERT INTO valentineNoPay SET vnpToId='".$shoppingFor."', vnpFromId='".$ses["sesPrfId"]."'" );
    $valValId="";
    $shoppingFor = "";
    $itemSelected = "";
    $user_message = "<p>Your gift was <strong><u>not</u></strong> received successfully because you did not pay for it. We just wanted to let you know that your gift <u><strong>will not be sent</strong></u>. If you would like to have a gift sent, you will need to pay for it.</p>";
    }

    require_once('configPaypal.inc.php');


    ///////////////////////////////
    //FIGURE OUT THE HISTORY STATUS
    if ($pageFlipBack > 0)
    {
    $pageFlipBack--;

    if ($pageFlipBack > 0)
    for ($i = 0; $i < $pageFlipBack; $i++)
    {
    $junk = array_pop($pageNameArray);
    $junk = array_pop($pageArray);
    }
    }
    elseif ($PAGE_NAME != "" && $HTTP_SERVER_VARS["REQUEST_METHOD"] == "GET")
    {
    if ($oldPageName != $PAGE_NAME)
    {
    $pageNameArray[] = $PAGE_NAME;
    $pageArray[] = $HTTP_SERVER_VARS["REQUEST_URI"];
    $oldPageName = $PAGE_NAME;
    }
    }
    ///////////////////////////////
    $seasonDate = date("nd", time());
    list( $season ) = sqlGetRec( "SELECT seaName FROM season WHERE seaBegin <= '$seasonDate' AND seaEnd >= '$seasonDate'" );
    if( $season != "" )
    $season = "/" . $season;

    if(isset($s_id)) {
    $currentDateTime = date( "YmdHis" );
    $ses = sqlGetRec("SELECT * FROM sessions WHERE s_id = '$s_id'");

    ///this section of code handles the 1 hour privacy box thing for users
    ///if users are inactive for 1 hour, they are prompted to login (and brought back to the page they were at)
    ///set the time duration below--make sure it is in NEGATIVE time, so two hours is "-2 hours"

    /* deactivated on July 13, 2005
    $timeout_after = "-2 hours";
    $last_login_row = sqlGetRec("SELECT prfPagDateTime,unix_timestamp(prfPagDateTime) as `unix_ts` FROM myprofile WHERE prfUsrId='".$ses[sesUsrId]."'");
    if (strtotime($timeout_after) > $last_login_row[1] && $ses[level] > 2 &&
    $_SERVER['PHP_SELF'] != "/login.php" && $_SERVER['PHP_SELF'] != "/menuRefresh.php" && empty($_POST)) {
    require_once('security.lib.php');
    $goto = substr($_SERVER['PHP_SELF'],1,strlen($_SERVER['PHP_SELF'])). "?";
    foreach ($_GET as $key=>$val) {
    $goto.=$key."=".$val."&";
    $get_vars=true;
    }
    $goto = substr($goto,0,strlen($goto)-1);
    session_destroy();
    require_once('template.lib.php');
    include("header.tpl.php");
    infoBox("Inactivity Notice","For your privacy, you must authenticate again due to account inactivity.<br><br>You will return to the page you were trying to view once you log in<br><br>This notice appears when you do not access the website for at least an hour without logging out.");
    echo "<p>";
    include("login.tpl.php");
    include("footer.tpl.php");
    exit;
    }
    end of deactivated code */

    ///this section of code checks to see if a user's paid membership information is incorrect (expiration or previous failed promotion)
    if (isset($ses['sesUsrId']) && $ses['sesUsrId'] > 2) {
    $user_data = sqlGetRec("SELECT * FROM myuser WHERE usrUsrId = ".$ses['sesUsrId']);
    include_once("config.cfg.php");
    if (($ses[level]==$usrLevelNumber['full'] || $user_data['usrUsrLevel']==$usrLevelNumber['full']) ) {
    $exp_rec = sqlGetRec("SELECT * FROM expiration WHERE usrUsrId = ".$ses['sesUsrId']);
    if ( (strtotime($exp_rec['usrExpDate']) < strtotime("now"))) {
    //the user's account has expired -- demote the user to a "friend"
    sqlExecute("UPDATE myuser SET usrUsrLevel = ".$usrLevelNumber['friend']." WHERE usrUsrId = ".$ses['sesUsrId']);
    sqlExecute("UPDATE sessions SET level = ".$usrLevelNumber['friend']." WHERE sesUsrId = ".$ses['sesUsrId']);
    $ses = sqlGetRec("SELECT * FROM sessions WHERE s_id = '$s_id'");
    $user_data = sqlGetRec("SELECT * FROM myuser WHERE usrUsrId = ".$ses['sesUsrId']);
    }
    }
    if (($ses[level]==$usrLevelNumber['friend'] || $user_data['usrUsrLevel']==$usrLevelNumber['friend']) ) {
    $exp_rec = sqlGetRec("SELECT * FROM expiration WHERE usrUsrId = ".$ses['sesUsrId']);
    if ( (strtotime($exp_rec['usrExpDate']) >= strtotime("now"))) {
    //the user has a paid account, promote him/her at once!!
    sqlExecute("UPDATE myuser SET usrUsrLevel = ".$usrLevelNumber['full']." WHERE usrUsrId = ".$ses['sesUsrId']);
    sqlExecute("UPDATE sessions SET level = ".$usrLevelNumber['full']." WHERE sesUsrId = ".$ses['sesUsrId']);
    $ses = sqlGetRec("SELECT * FROM sessions WHERE s_id = '$s_id'");
    $user_data = sqlGetRec("SELECT * FROM myuser WHERE usrUsrId = ".$ses['sesUsrId']);
    }
    }

    if ($ses[level] != $user_data['usrUsrLevel'] ) {
    sqlExecute("UPDATE sessions SET level = ".$user_data['usrUsrLevel']." WHERE sesUsrId = ".$ses['sesUsrId']);
    $ses = sqlGetRec("SELECT * FROM sessions WHERE s_id = '$s_id'");
    }
    }
    sqlExecute("UPDATE myprofile SET prfPagDateTime='$currentDateTime' WHERE prfPrfId='$ses[sesPrfId]'");
    }
    if(!isset($ses[id])) $ses[level] = $usrLevelNumber[public];
    // Gets both invalid s_id and no s_id
    $level = $ses['level'];
    $sesLevel = $ses[level];
    $sesId = $ses[sesPrfId];
    $sesUsrName = $ses[sesUsrName];
    $do_not_nag = array ("/login.php", "/menuRefresh.php", "/offer.php", "/blockSender.php", "/chatdata.php", "/livetalk.php");
    if (!in_array($_SERVER['PHP_SELF'],$do_not_nag) && $level > 2) {
    require("nag.inc.php");
    }

    ?>

  2. #2
    Join Date
    Dec 2002
    Location
    Quad Cities, Iowa
    Posts
    1,597
    Have you made any changes to Apache lately. (Eg.. Going from running as nobody to running PHPSuExec)? If that's the case you may need to clear out old sessions because they will be owned by "nobody" and now the username "democrat" is trying to access them.

    What are the permissions of the folder /home/democrat/tmp/sessions ?
    Who is the owner of /home/democrat/tmp/sessions/sess_04a71628c63863f2ff9f3235f682beab ?

    If your running PHPSuExec the owner of the session should be "democrat". If your running without it, the owner would be "nobody". Make sure that the owner of the file is matching the way you run apache.
    Need a new Web Host?
    Become a Host Refugee and receive TRUE 24/7 Support

    cPanel + Fantastico, PHP4 or PHP5
    HostRefugee.com - See our current promotions

  3. #3
    Quote Originally Posted by HostRefugee-Vince
    Have you made any changes to Apache lately. (Eg.. Going from running as nobody to running PHPSuExec)? If that's the case you may need to clear out old sessions because they will be owned by "nobody" and now the username "democrat" is trying to access them.

    What are the permissions of the folder /home/democrat/tmp/sessions ?
    Who is the owner of /home/democrat/tmp/sessions/sess_04a71628c63863f2ff9f3235f682beab ?

    If your running PHPSuExec the owner of the session should be "democrat". If your running without it, the owner would be "nobody". Make sure that the owner of the file is matching the way you run apache.


    Well, the server company I had migrate the site for me (to one of their dedicated servers) has been trying various things to resolve this - I did send along your WHT message to them. Last night they tried recompiling Apache, and that did not work. I am not the techie I should be, so I am gathering from your reply that you don't think it's a coding issue? I hired a coder to look at things yesterday, and working through the server operators (I have not given him root access yet), he determined this:

    "Comment:This has nothing to do with the code.
    The causes of this error can be one of the following:
    1. Cookies being set outside open_basedir
    2. Bad permissions among the directory traversal to the final files.
    3. Your allocated webspace being exausted e.g. full.
    I really need to take a look at the httpd.conf file and the files which cpanel includes them regarding your domain"

    I sent this along to the server company owner and he said he would see about the cookie settings...waiting on the answer at this time. If this does not work, I am not sure what to do next.

  4. #4
    I forgot to mention that they did set all to "nobody" which did not work. The sessions are set to 777 permission.

  5. #5
    Join Date
    Dec 2002
    Location
    Quad Cities, Iowa
    Posts
    1,597
    Quote Originally Posted by Sierranevada
    I sent this along to the server company owner and he said he would see about the cookie settings...waiting on the answer at this time. If this does not work, I am not sure what to do next.
    If this doesn't work you can contact me. I would be willing to take a look at the server to find where the problem lies.
    Need a new Web Host?
    Become a Host Refugee and receive TRUE 24/7 Support

    cPanel + Fantastico, PHP4 or PHP5
    HostRefugee.com - See our current promotions

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •