Fatal error: session_start (): Failed to initialize storage module:

Source: Internet
Author: User
Tags garbage collection html tags ini session id php and readable valid phpmyadmin

Original solution: Fatal error: session_start (): Failed to initialize storage module: files

After compiling and installing the LNMP environment + phpmyamdin4.02, this problem suddenly occurs today:
Fatal error: session_start (): Failed to initialize storage module: files (path:) in/data/www/phpmyadmin/libraries/session. inc. php on line 83

The storage path during session initialization is incorrect! The first reaction is to view the configuration file in php. ini:

The code is as follows: Copy code


Session. save_path = "/tmp"

By default, the semicolon is added to the front, indicating that it is not enabled. It is enabled when I configured it. So why is an error reported ?, As a result, I found some information on the Internet and felt like the same:
1. Check the error. log (Apache2.2logs) file to check whether an error report exists. Not found.

2. Check whether the value of session. save_handler in php. ini is files.

3. Check whether the session. save_path in the php. Ini file has been commented out. If yes, remove the preceding ";".

4. Change the path after save_path to an existing path, for example, "D: phptemp"

5. Check whether the properties of the temp folder are readable and writable.

6. Restart the APACHE server. OK
I don't know if my friends tried it when I reprinted it. (I hate it if I don't know how to do it. Not responsible at all !)
According to the above process, after troubleshooting, we found that it was not solved at all, but the server of Xiaoyu is nginx rather than apache.
Then I wrote a script test. php:

The code is as follows: Copy code
$ R = session_start (); var_dump ($ r );

The output is as follows:

Warning: session_start (): safe mode Restriction in effect. the script whose uid is 501 is not allowed to access/tmp owned by uid 0 in/data/www/test. php on line 3 Fatal error: session_start (): Failed to initialize storage module: files (path:) in/data/www/test. php on line 3

It indicates a security mode bug in php5. The save_path of the Default session is the temporary directory of the system, which requires permission verification. However, this script cannot run uid 0 by/tmp owner. uid is 501, which is also the permission of the www user group.
There are two solutions to this problem:
1. Disable security mode;

2. Change the owner of the file/directory in chown on the command line.

Of course, both methods require you to have Server permissions.

The following is the configuration file of Xiaoyu php. ini:

The code is as follows: Copy code

[Session]
; Handler used to store/retrieve data.
Http://php.net/session.save-handler
Session. save_handler = files; Argument passed to save_handler. In the case of files, this is the path
; Where data files are stored. Note: Windows users have to change this
; Variable in order to use PHP's session functions.
 ;
; The path can be defined:
 ;
; Session. save_path = "N;/path"
 ;
; Where N is an integer. Instead of storing all the session files in
;/Path, what this will do is use subdirectories N-levels deep, and
; Store the session data in those directories. This is useful if you
; Or your OS have problems with lots of files in one directory, and is
; A more efficient layout for servers that handle lots of sessions.
 ;
; NOTE 1: PHP will not create this directory structure automatically.
You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose
; Use subdirectories for session storage
 ;
; The file storage module creates files using mode 600 by default.
; You can change that by using
 ;
; Session. save_path = "N; MODE;/path"
 ;
; Where MODE is the octal representation of the mode. Note that this
; Does not overwrite the process's umask.
Http://php.net/session.save-path
Session. save_path = "/tmp"
; Whether to use cookies.
Http://php.net/session.use-cookies
Session. use_cookies = 1
Http://php.net/session.cookie-secure
; Session. cookie_secure =
; This option forces PHP to fetch and use a cookie for storing and maintaining
The session id. We encourage this operation as it's very helpful in combatting
; Session hijacking when not specifying and managing your own session id. It is
; Not the end all be all of session hijacking defense, but it's a good start.
Http://php.net/session.use-only-cookies
Session. use_only_cookies = 1
; Name of the session (used as cookie name ).
Http://php.net/session.name
Session. name = PHPSESSID
; Initialize session on request startup.
Http://php.net/session.auto-start
Session. auto_start = 0
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
Http://php.net/session.cookie-lifetime
Session. cookie_lifetime = 0
; The path for which the cookie is valid.
Http://php.net/session.cookie-path
Session. cookie_path =/
; The domain for which the cookie is valid.
Http://php.net/session.cookie-domain
Session. cookie_domain =
; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting versions as JavaScript.
Http://php.net/session.cookie-httponly
Session. cookie_httponly =
; Handler used to serialize data. php is the standard serializer of PHP.
Http://php.net/session.serialize-handler
Session. serialize_handler = php
; Defines the probability that the 'bucket collect' process is started
; On every session initialization. The probability is calculated by using
; Gc_probability/gc_divisor. Where session. gc_probability is the numerator
; And gc_divisor is the denominator in the equation. Setting this value to 1
; When the session. gc_divisor value is 100 will give you approximately a 1% chance
; The gc will run on any give request.
; Default Value: 1
; Development Value: 1
; Production Value: 1
Http://php.net/session.gc-probability
Session. gc_probability = 1
; Defines the probability that the 'bucket collect' process is started on every
; Session initialization. The probability is calculated by using the following equation:
; Gc_probability/gc_divisor. Where session. gc_probability is the numerator and
; Session. gc_divisor is the denominator in the equation. Setting this value to 1
; When the session. gc_divisor value is 100 will give you approximately a 1% chance
; The gc will run on any give request. Increasing this value to 1000 will give you
; A 0.1% chance the gc will run on any give request. For high volume production servers,
; This is a more efficient approach.
; Default Value: 100
; Development Value: 1000
; Production Value: 1000
Http://php.net/session.gc-divisor
Session. gc_divisor = 1000
; After this number of seconds, stored data will be seen as 'garbage' and
; Cleaned up by the garbage collection process.
Http://php.net/session.gc-maxlifetime
Session. Gc_maxlife time = 1440
; NOTE: If you are using the subdirectory option for storing session files
; (See session. save_path above), then garbage collection does ** not *
; Happen automatically. You will need to do your own garbage
; Collection through a shell script, cron entry, or some other method.
; For example, the following script wocould is the equivalent
; Setting session. gc_maxlifetime to 1440 (1440 seconds = 24 minutes ):
; Find/path/to/sessions-cmin + 24 | xargs rm
; PHP 4.2 and less have an uninitialized ented feature/bug that allows you
; To initialize a session variable in the global scope, even when register_globals
; Is disabled. PHP 4.3 and later will warn you, if this feature is used.
You can disable the feature and the warning separately. At this time,
; The warning is only displayed, if bug_compat_42 is enabled. This feature
; Introduces some serious security problems if not handled correctly. It's
; Recommended that you do not use this feature on production servers. But you
; Shocould enable this on development servers and enable the warning as well. If you
; Do not enable the feature on development servers, you won't be warned when it's
; Used and debugging errors caused by this can be difficult to track down.
; Default Value: On
; Development Value: On
; Production Value: Off
Http://php.net/session.bug-compat-42
Session. bug_compat_42 = Off
; This setting controls whether or not you are warned by PHP when initializing
; Session value into the global space. session. bug_compat_42 must be enabled before
; These warnings can be issued by PHP. See the directive above for more information.
; Default Value: On
; Development Value: On
; Production Value: Off
Http://php.net/session.bug-compat-warn
Session. bug_compat_warn = Off
; Check HTTP Referer to invalidate externally stored URLs containing ids.
; HTTP_REFERER has to contain this substring for the session to be
; Considered as valid.
Http://php.net/session.referer-check
Session. referer_check =
; How many bytes to read from the file.
Http://php.net/session.entropy-length
Session. entropy_length = 0
; Specified here to create the session id.
Http://php.net/session.entropy-file
; On systems that don't have/dev/urandom/dev/arandom can be used
; On windows, setting the entropy_length setting will activate
; Windows random source (using the CryptoAPI)
; Session. entropy_file =/dev/urandom
; Set to {nocache, private, public,} to determine HTTP caching aspects
; Or leave this empty to avoid sending anti-caching headers.
Http://php.net/session.cache-limiter
Session. cache_limiter = nocache
; Document expires after n minutes.
Http://php.net/session.cache-expire
Session. cache_expire = 180
; Trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
;-User may send URL contains active session ID
; To other person via. email/irc/etc.
;-URL that contains active session ID may be stored
; In publically accessible computer.
;-User may access your site with the same session ID
; Always using URL stored in browser's history or bookmarks.
Http://php.net/session.use-trans-sid
Session. use_trans_sid = 0
; Select a hash function for use in generating session ids.
; Possible Values
; 0 (MD5 128 bits)
; 1 (SHA-1 160 bits)
; This option may be set to the name of any hash function supported
; The hash extension. A list of available hashes is returned by the hash_algos ()
; Function.
Http://php.net/session.hash-function
Session. hash_function = 0
; Define how many bits are stored in each character when converting
The binary hash data to something readable.
; Possible values:
; 4 (4 bits: 0-9, a-f)
; 5 (5 bits: 0-9, a-v)
; 6 (6 bits: 0-9, a-z, A-Z ,"-",",")
; Default Value: 4
; Development Value: 5
; Production Value: 5
Http://php.net/session.hash-bits-per-character
Session. hash_bits_per_character = 5
; The URL rewriter will look for URLs in a defined set of HTML tags.
; Form/fieldset are special; if you include them here, the rewriter will
; Add a hidden <input> field with the info which is otherwise appended
; To URLs. If you want XHTML conformity, remove the form entry.
; Note that all valid entries require a "=", even if no value follows.
; Default Value: "a = href, area = href, frame = src, form =, fieldset ="
; Development Value: "a = href, area = href, frame = src, input = src, form = fakeentry"
; Production Value: "a = href, area = href, frame = src, input = src, form = fakeentry"
Http://php.net/url-rewriter.tags
Url_rewriter.tags = "a = href, area = href, frame = src, input = src, form = fakeentry"

Because this is configured on a VPS with multiple projects on it, Yi Yu opened a project and found this item
The purpose verification code function is OK.
The code is as follows:

The code is as follows: Copy code


$ SessSavePath = "/data/sessions /";
// Session save path
If (is_writeable ($ sessSavePath) & is_readable ($ sessSavePath) {session_save_path ($ sessSavePath );}
If (! Empty ($ pai_domain_cookie) session_set_cookie_params (0, '/', $ pai_domain_cookie );


The above code is used to determine whether a session folder exists before session_start () initialization.
The file/phpmyadmin/libraries/session. inc. php saved in phpmyadmin is modified as follows:

The code is as follows: Copy code


If (! Isset ($ _ COOKIE [$ session_name]) {
// On first start of session we check for errors
// F. e. session dir cannot be accessed-session file not created
$ Orig_error_count = $ GLOBALS ['error _ handler']-> countErrors ();
// Session_save_path ('./tmp ');
Session_save_path ("/data/www/session ");
$ R = session_start ();
If ($ r! = True
| $ Orig_error_count! = $ GLOBALS ['error _ handler']-> countErrors ()
){
Setcookie ($ session_name, '', 1 );
/*
* Session initialization is done before selecting language, so we
* Can not use translations here.
*/
PMA_fatalError ('cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly. also ensure that cookies are enabled in your browser. ');
 }
Unset ($ orig_error_count );
} Else {
Session_save_path ("/data/www/session ");
Session_start ();
 }

Added session_save_path ("/data/www/session") before session_start (); to solve this problem.
Remember to use @ ini_set ('session. save_path ', "/data/www/session"); invalid!
This problem had plagued me for a few hours and finally solved it. So I recorded it and it would be helpful in the future.
If it is helpful to you, leave a message. If you have any comments, please contact us!

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.