[suPHP] suPHP & PHP sessions

Patric Wed, 16 Jan 2008 03:22:24 -0800

Hi all,

Hope somebody can help me out here :)


I have noticed that the PHP sessions ($_SESSION variables) do not seem 
to expire, nor are the session files cleared, when running suPHP.

Setup:

Apache: httpd-2.0.52-38.ent
PHP   : PHP 5.2.5
suPHP : mod_suphp-0.6.2-1

/etc/suphp.conf:
[global]
logfile=/var/log/httpd/suphp_log
loglevel=info
webserver_user=apache
docroot=/
env_path=/bin:/usr/bin
umask=0077
min_uid=500
min_gid=500

; Security options
allow_file_group_writeable=false
allow_file_others_writeable=false
allow_directory_group_writeable=false
allow_directory_others_writeable=false

;Check wheter script is within DOCUMENT_ROOT
check_vhost_docroot=true

;Send minor error messages to browser
errors_to_browser=false

[handlers]
;Handler for php-scripts
x-httpd-php=php:/usr/bin/php-cgi

;Handler for CGI-scripts
x-suphp-cgi=execute:!self


vhost.conf:
<Directory /path/to/vhost/httpdocs>
         <IfModule sapi_apache2.c>
                 <IfModule mod_suphp.c>
                         RemoveHandler x-httpd-php
                         php_admin_flag engine Off
                         suPHP_AddHandler x-httpd-php .php
                         suPHP_Engine on
                         suPHP_ConfigPath /path/to/vhost/conf/etc
                         AddHandler x-httpd-php .php
                         suPHP_UserGroup web-iscoza psacln
                 </IfModule>
         </IfModule>
         <IfModule mod_php5.c>
                 <IfModule mod_suphp.c>
                         RemoveHandler x-httpd-php
                         php_admin_flag engine Off
                         suPHP_AddHandler x-httpd-php .php
                         suPHP_Engine on
                         suPHP_ConfigPath /path/to/vhost/conf/etc
                         AddHandler x-httpd-php .php
                         suPHP_UserGroup web-iscoza psacln
                 </IfModule>
         </IfModule>
</Directory>

/path/to/vhost/conf/etc/php.ini :
session.auto_start 0
session.cache_expire 60
session.gc_maxlifetime 60
session.save_path /path/to/vhost/tmp

tmp directory:
drwxrwxrwt    2 root       root     4096 Jan 16 12:43 tmp

Test script:
<?php

session_start();

if (isset($_SESSION['test'])) {
   echo date('Y-m-d H:i:s');
   echo '<br>';
   echo 'Test is set to:'.$_SESSION['test'];
} else {
   echo date('Y-m-d H:i:s');
   echo '<br>';
   echo 'Setting session variable test...';
   $_SESSION['test'] = date('Y-m-d H:i:s');
}

?>

According to my php.ini settings the session should expire in 60 
seconds, but does not. If I switch off suPHP for the domain the sessions 
work correctly, and expire after 60 seconds.

Does anybody know of anything that I am missing? Anything would be a 
great help!

Please advise if I can provide any other information.

Many thanks
Patric

-- 

Q: I want to be a sysadmin.  What should I do?

A: Seek professional help.

----------------------------------------------------------------------
Free pop3 email with a spam filter.
http://www.bluebottle.com/tag/5


_______________________________________________
suPHP mailing list
[email protected]
http://lists.marsching.biz/mailman/listinfo/suphp

[suPHP] suPHP & PHP sessions

Reply via email to