When working on PHP and MySql development we rarely get a chance to install the application on Windows IIS server. And today I was asked to do the same. The first issue was related with mod_rewrite which is easily solved by un-commenting the line –
But the big issue came when I found that session is not working. After login the user is immediately redirected back to log-in page. I searched on Google for many solutions related with session.save_path, server time issues, user_agent verification etc., but none of them worked.
The I found a solution and I thought it may be helpful for some of you, or even me in future, if bookmarked here.I found a article in CakePHP Bakery, which suggested to use a separate file to handle session. Although this was not related to this issue, I though to give it a try and it worked for me.
To make it work you just need to create file in the /app/config folder with name, say session_handler.php. You can name it anything you like, and add below code in it:
// You can copy the ini_set statements from the switch block here
// for case 'php' (around line 484) and modify to your needs.
// Lets assume our config value for Security.level is 'medium'
//Get rid of the referrer check even when Security.level is medium
// or you can use this to restore to previous value
//Cookie lifetime set to 0, so session is destroyed when browser is closed and doesn't persist for days as it does by default when Security.level is 'low' or 'medium'
//Now this feels a bit hacky so it would surely be nice to have a config variable for cookie path instead.
//Cookie path is now '/' even if your app is within a sub directory on the domain
$this->path = '/';
//This sets the cookie domain to ".yourdomain.com" thereby making session persists across all sub-domains
//Comment out/remove this line if you want to keep using the default session cookie name 'PHPSESSID'
//Useful when you want to share session vars with another non-cake app.
//Makes sure PHPSESSID doesn't tag along in all your urls
Then modify “/app/config/core.php”, and replace below line –
You need to put the name of your session file in place of “session_handler”. Hopefully it will work.