{"id":224,"date":"2010-11-16T10:17:58","date_gmt":"2010-11-16T10:17:58","guid":{"rendered":"http:\/\/www.nirvaat.com\/?p=224"},"modified":"2011-06-25T19:28:43","modified_gmt":"2011-06-25T19:28:43","slug":"session-issue-in-iis-with-cakephp","status":"publish","type":"post","link":"https:\/\/nirvaat.com\/blogs\/2010\/11\/session-issue-in-iis-with-cakephp\/","title":{"rendered":"Session issue in IIS with CakePHP"},"content":{"rendered":"<p>When working on PHP and MySql development we rarely get a chance to install the application on Windows IIS server. And today I was asked to do the same. The first issue was related with mod_rewrite which is easily solved by un-commenting the line &#8211;<\/p>\n<p>Configure::write(&#8216;App.baseUrl&#8217;, env(&#8216;SCRIPT_NAME&#8217;));<\/p>\n<p>But the big issue came when I found that session is not working. After login the user is immediately redirected back to log-in page. I searched on Google for many solutions related with session.save_path, server time issues, user_agent verification etc., but none of them worked.<\/p>\n<p>The I found a solution and I thought it may be helpful for some of you, or even me in future, if bookmarked here.I found a <a title=\"Session modifications in cakephp\" href=\"http:\/\/bakery.cakephp.org\/articles\/admad\/2009\/09\/02\/how-to-bend-cakephp-s-session-handling-to-your-needs\" target=\"_blank\">article in CakePHP Bakery<\/a>, which suggested to use a separate file to handle session. Although this was not related to this issue, I though to give it a try and it worked for me.<\/p>\n<p>To make it work you just need to create file in the \/app\/config folder with name, say session_handler.php. You can name it anything you like, and add below code in it:<code><br \/>\n<\/code><\/p>\n<p><code> &lt;?php<br \/>\n\/\/ You can copy the ini_set statements from the switch block here<br \/>\n\/\/ http:\/\/code.cakephp.org\/source\/branches\/1.2\/cake\/libs\/session.php#484<br \/>\n\/\/ for case 'php' (around line 484) and modify to your needs.<\/code><\/p>\n<p><code>\/\/ Lets assume our config value for Security.level is 'medium'<\/code><\/p>\n<p><code>\/\/Get rid of the referrer check even when Security.level is medium<br \/>\nini_set('session.referer_check', '');<br \/>\n\/\/ or you can use this to restore to previous value<br \/>\n\/\/ ini_restore('session.referer_check');<\/code><\/p>\n<p><code>\/\/Cookie lifetime set to 0, so session is destroyed when browser is closed and doesn't persist for days as it does by default when Security.level is 'low' or 'medium'<br \/>\nini_set('session.cookie_lifetime', 0);<\/p>\n<p>\/\/Now this feels a bit hacky so it would surely be nice to have a config variable for cookie path instead.<br \/>\n\/\/Cookie path is now '\/' even if your app is within a sub directory on the domain<br \/>\n$this-&gt;path = '\/';<br \/>\nini_set('session.cookie_path', $this-&gt;path);<\/p>\n<p>\/\/This sets the cookie domain to \".yourdomain.com\" thereby making session persists across all sub-domains<br \/>\nini_set('session.cookie_domain', env('HTTP_BASE'));<\/p>\n<p>\/\/Comment out\/remove this line if you want to keep using the default session cookie name 'PHPSESSID'<br \/>\n\/\/Useful when you want to share session vars with another non-cake app.<br \/>\nini_set('session.name', Configure::read('Session.cookie'));<\/p>\n<p><\/code><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><code>\/\/Makes sure PHPSESSID doesn't tag along in all your urls<br \/>\nini_set('session.use_trans_sid', 0);<br \/>\n?&gt;<br \/>\n<\/code><\/p>\n<p>Then modify &#8220;\/app\/config\/core.php&#8221;, and replace below line &#8211;<\/p>\n<p><code>Configure::write('Session.save', 'php');<\/code><\/p>\n<p>with<\/p>\n<p><code>Configure::write('Session.save', 'session_handler');<\/code><\/p>\n<p>You need to put the name of your session file in place of &#8220;session_handler&#8221;. Hopefully it will work.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>When working on PHP and MySql development we rarely get a chance to install the application on Windows IIS server. And today I was asked to do the same. The first issue was related with mod_rewrite which is easily solved by un-commenting the line &#8211; Configure::write(&#8216;App.baseUrl&#8217;, env(&#8216;SCRIPT_NAME&#8217;)); But the big issue came when I found [&hellip;]<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"_vp_format_video_url":"","_vp_image_focal_point":[],"footnotes":""},"categories":[26,4],"tags":[5,40],"class_list":["post-224","post","type-post","status-publish","format-standard","hentry","category-quick-fixes","category-web-development","tag-cakephp","tag-iis-php-session-issue"],"_links":{"self":[{"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/posts\/224","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/comments?post=224"}],"version-history":[{"count":6,"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/posts\/224\/revisions"}],"predecessor-version":[{"id":255,"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/posts\/224\/revisions\/255"}],"wp:attachment":[{"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/media?parent=224"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/categories?post=224"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/tags?post=224"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}