Sessions/files don't exist on Windows

wavesurf

I have a local development machine WinXP pro with IIS 5.1, php 4.3.3 and MySQL 4.0.16 and it works perfectly with sessions where it saves them to a local directory.

However, when I try to put the application on a Win 2003 server with IIS 6, php 4.3.2 and MySQL 4.0.16 my application doesn't work, because that environment doesn't seem to be able to save the session files.

Have checked that other applications (.asp) can save to the same directory, and the sessions settings in php.ini are identical.

Anyone have any ideas on how to get this fixed?

Thanks a lot...

Weedpacket

Do you get any error messages? What do they say?

wavesurf

Unfortunately I don't get any error messages.

Take a look at the script. When sessions work, the script executes perfectly, but when the session doesn't register, the script loops and tries to go to the same page at the start of every page, and since every page includes the session.php file nothing happens.

Any ideas?

<?
session_start();

if (!isset($SESSION["loggedOn"])) {
if (isset($SESSION["redirectPage"])) {
if ($_SERVER["PHP_SELF"] != $loginPage) {
unset($checkUserNum);

    // Redirect to index page
    header("Location: [url]http://[/url]" . $_SERVER["HTTP_HOST"] . "/Intranet/index.php");
    exit;
  }
} else {
  unset($checkUserNum);

  // Set redirect page
  $_SESSION["redirectPage"]=$_SERVER["PHP_SELF"];

  // Set initial securityLevel
  $_SESSION["initialSecurityLevel"]	=	"5";

  // Redirect to index page
  header("Location: [url]http://[/url]" . $_SERVER["HTTP_HOST"] . "/Intranet/index.php");
  exit;
}

}

if (isset($POST["loggingOn"]) == "In") {
if (isset($SESSION["wrongLogin"]) == "Yes") {
unset($SESSION["wrongLogin"]);
}
$userName = $POST["userName"];
$passWord = $_POST["passWord"];

// Check username and password
$checkUser ="SELECT userId, securityLevel FROM " . $userDatabase . " WHERE userName = '" . $userName . "' AND passWord = '" . $passWord . "'";

$checkUserResult = mysql_db_query($database, $checkUser) or die ("Couldn't execute checkUser query.");

$checkUserRow  =  mysql_fetch_array($checkUserResult);
  $userId  =  stripslashes($checkUserRow["userId"]);
  $securityLevel  =  stripslashes($checkUserRow["securityLevel"]);

  $checkUserNum  =  mysql_num_rows($checkUserResult);

  if ($checkUserNum >= 1) {
    $_SESSION["loggedOn"]  =  "yes";
    $_SESSION["userId"]  =  $userId;
    $_SESSION["securityLevel"]  =  $securityLevel;

    unset($_SESSION["initialSecurityLevel"]);
  } elseif ($checkUserNum == 0) {
    $_SESSION["wrongLogin"]  =  "Yes";
  }

if (isset($_SESSION["redirectPage"])) {
  $destinationPage  =  $_SESSION["redirectPage"];
  unset($_SESSION["redirectPage"]);
  header("Location: [url]http://[/url]". $_SERVER["HTTP_HOST"] . $destinationPage);
  exit;
}

}

if (isset($SESSION["loggedOn"])) {
$loggedOn = $SESSION["loggedOn"];
$userId = $SESSION["userId"];
$securityLevel = $SESSION["securityLevel"];

$getUserName  ="SELECT userName FROM " . $userDatabase . " WHERE userId	=	'" . $userId . "'";

$getUserNameResult  =  mysql_db_query($database, $getUserName) or die ("Couldn't execute getUserNameResult.");

$getUserNameRow  =  mysql_fetch_array($getUserNameResult);

$userName  =  stripslashes($getUserNameRow["userName"]);

}
?>

Tristan_Wells

Try adding this to the top of the script. It may drag an error or two out.

error_reporting(E_ALL);

wavesurf

Thanks for all help. I got it working. There was an ini-file discrepancy which has been fixed.