[pmwiki-devel] session_start problem

Patrick R. Michaud pmichaud at pobox.com
Wed Dec 6 11:27:38 CST 2006

On Tue, Dec 05, 2006 at 06:45:48PM -0000, marc wrote:
> marc said...
> > All that the login script does is:
> > 
> >   function LoggedIn ($userName) {
> >     session_start();
> >     $member =& $_SESSION['member'];
> >     if(!is_object($member)) $member = new Member($userName);
> >   }
> > 
> > The problem is that when session_start() is performed, the cart session 
> > variable disappears, and with it the displayed cart. But, when I comment 
> > out session_start(), everything behaves as normal.
> The solution turned out to be to move the include for the cart recipe 
> above the authuser recipe.
> There is something funky happening with sessions with authuser and I'd 
> appreciate it if someone could fill in the background.

PHP doesn't like or expect session_start() to be called multiple 
times within the same script -- when that happens PHP likes to
generate errors or even sometimes abort with a fatal error
(and silently, such that the page simply doesn't display).

PmWiki knows about this PHP limitation, and so it prefixes all
calls to session_start() with an '@', so that PHP won't abort
if a session already exists (and leaves the existing session open).

In the LoggedIn() function above, session_start() isn't
prefixed with the '@', thus PHP aborts when session_start()
is called and a session already exists (in this case, the
session started by AuthUser, although any recipe that is
using sessions could do it).  The solution of moving LoggedIn()
before including authuser.php "works" because PmWiki already
deals with the case of a session already being open when session_start()
is called.

I think the solution is to simply place an '@' before the
'session_start()' in the LoggedIn() function above.


More information about the pmwiki-devel mailing list