Software Development > CakePHP Session Webroot Issues

CakePHP Session Webroot Issues

By LUKE MCGOVERN
Published: August 14, 2008

CakePHP's handling of session variables appears to be very weird at first. Some of the confusion is caused when $_SESSION variables are added within code in the app/webroot and they don't appear in any of the views, models or controllers. The reverse case is also true where session variables set by the CakePHP app cannot be accessed by the code in the app/webroot directory. Sounds like shenanigans but in your core.php file you should find something like...

Configure::write('Session.cookie', 'CAKEPHP');

If you change it to...

Configure::write('Session.cookie', 'PHPSESSID');

you should be back to basics and your $_SESSION vars will be shared across both areas. If you are still having problems look at your cookies on the site in question and check whether there are multiple sessions being maintained. In most instances you will only want to maintain one session.

Note: the session cookie name just needs to correspond to the session name in your php.ini file - the default is PHPSESSID.

Related Articles

Comments

1. SHADAB SHAIKH on April 16, 2009

Great Help..!! This is really very nice tip.. :)

2. N B on April 13, 2010

This one was really tough to find.

Thanks Luke for the great help.

Does this cause any security issue though ?

NB

3. Kurt on September 10, 2010

Thank you very much !!! It helped a LOT

K.

4. roberthuttinger on October 27, 2010

How can i get cake to set a global session. it currently lives in site.com/cake/, but I need session access from site.com as well as site.com/cake/

any ideas?

5. mcgyver on October 28, 2010

@roberthuttinger - the only thing I can think of that would be limiting the access of the session would be if the session cookie is bound to a path. Look at your cookies (using a browser plugin or developer view in Chrome) and see if the session is limited to the path /cake and if so, hunt down the code in CakePHP that is setting the cookie to that path (PHP would normal set it's session cookie to a global scope).

Good luck!

Any Comments?

SilverStripe: MVC and Template Engine

By LUKE MCGOVERN
Published: May 9, 2010

The templating system for the SilverStripe framework is a majorly crippled piece of work. The big question is: why?

SVN and Dreamweaver CS4 Integration

By LUKE MCGOVERN
Published: June 30, 2009

Adobe Dreamweaver CS4 now comes with SVN integration. It's their one big feature for developers in this version. Too bad it's completely useless.