之前编译安装的LNMP环境+phpmyamdin4.02的版本,今天突然出现这个问题:
Fatal error: session_start(): Failed to initialize storage module: files (path: ) in /data/www/phpmyadmin/libraries/session.inc.php on line 83
大致意思是session会话初始化的时候储存路径有误!第一反应就是查看php.ini的配置文件中的:
session.save_path = "/tmp"
默认前面是加的分号,表示不启用,我之前配置的时候已经启用了。那为什么还会报错呢?,于是网上找了一些资料,感觉都千篇一律:
1、检查error.log(Apache2.2\logs)文件,查看是否有错误报告。未发现。
2、检查php.ini中的session.save_handler的值是否为files,如果不是改为files
3、检查php.ini文件中session.save_path是否被注释了,如果有,则去掉前面的”;”。
4、将save_path后面的路径改成已有的路径,比如”D:\php\temp”
5、检查temp文件夹的属性是否可读可写。
6、重启APACHE服务器。OK
不知道那些哥们转载的时候自己试过了没有(在这里喷一下,最讨厌那种自己都没有亲测,就一股脑的转来转去。一点都不负责!)
根据上面的流程,排查了之后发现压根就没有解决,不过小编的服务器是nginx非apache。
然后自己写了一个脚本test.php:
$r = session_start(); <BR>var_dump($r);
打印结果为:
Warning: session_start(): SAFE MODE Restriction in effect. The script whose uid is 501 is not allowed to access /tmp owned by uid 0 in /data/www/test.php on line 3 Fatal error: session_start(): Failed to initialize storage module: files (path: ) in /data/www/test.php on line 3<BR>
意思是 php5一个安全模式的bug,默认session的save_path是系统的临时目录,这样会要校验权限。而这个脚本不能通过/tmp拥有者uid为0来执行uid是501也是www用户组的权限
解决这个有两种解决方法:
1.关闭安全模式;
2.在命令行下chown改文件/目录的拥有者
当然两种方法都要求你有服务器的权限。
下面是示例php.ini的配置文件:
[Session]<BR> ; Handler used to store/retrieve data.<BR> ; http://php.net/session.save-handler<BR>session.save_handler = files; Argument passed to save_handler. In the case of files, this is the path<BR> ; where data files are stored. Note: Windows users have to change this<BR> ; variable in order to use PHP's session functions.<br><br> ; The path can be defined as:<br><br> ; session.save_path = "N;/path"<br><br> ; where N is an integer. Instead of storing all the session files in<BR> ; /path, what this will do is use subdirectories N-levels deep, and<BR> ; store the session data in those directories. This is useful if you<BR> ; or your OS have problems with lots of files in one directory, and is<BR> ; a more efficient layout for servers that handle lots of sessions.<br><br> ; NOTE 1: PHP will not create this directory structure automatically.<BR> ;<b>%本文@来源gao@!dai!ma.com搞$$代^@码!网</b><strong>搞代gaodaima码</strong> You can use the script in the ext/session dir for that purpose.<BR> ; NOTE 2: See the section on garbage collection below if you choose to<BR> ; use subdirectories for session storage<br><br> ; The file storage module creates files using mode 600 by default.<BR> ; You can change that by using<br><br> ; session.save_path = "N;MODE;/path"<br><br> ; where MODE is the octal representation of the mode. Note that this<BR> ; does not overwrite the process's umask.<BR> ; http://php.net/session.save-path<BR> session.save_path = "/tmp"<BR>; Whether to use cookies.<BR> ; http://php.net/session.use-cookies<BR> session.use_cookies = 1<BR>; http://php.net/session.cookie-secure<BR> ;session.cookie_secure =<BR>; This option forces PHP to fetch and use a cookie for storing and maintaining<BR> ; the session id. We encourage this operation as it's very helpful in combatting<BR> ; session hijacking when not specifying and managing your own session id. It is<BR> ; not the end all be all of session hijacking defense, but it's a good start.<BR> ; http://php.net/session.use-only-cookies<BR> session.use_only_cookies = 1<BR>; Name of the session (used as cookie name).<BR> ; http://php.net/session.name<BR> session.name = PHPSESSID<BR>; Initialize session on request startup.<BR> ; http://php.net/session.auto-start<BR> session.auto_start = 0<BR>; Lifetime in seconds of cookie or, if 0, until browser is restarted.<BR> ; http://php.net/session.cookie-lifetime<BR> session.cookie_lifetime = 0<BR>; The path for which the cookie is valid.<BR> ; http://php.net/session.cookie-path<BR> session.cookie_path = /<BR>; The domain for which the cookie is valid.<BR> ; http://php.net/session.cookie-domain<BR> session.cookie_domain =<BR>; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.<BR> ; http://php.net/session.cookie-httponly<BR> session.cookie_httponly =<BR>; Handler used to serialize data. php is the standard serializer of PHP.<BR> ; http://php.net/session.serialize-handler<BR> session.serialize_handler = php<BR>; Defines the probability that the 'garbage collection' process is started<BR> ; on every session initialization. The probability is calculated by using<BR> ; gc_probability/gc_divisor. Where session.gc_probability is the numerator<BR> ; and gc_divisor is the denominator in the equation. Setting this value to 1<BR> ; when the session.gc_divisor value is 100 will give you approximately a 1% chance<BR> ; the gc will run on any give request.<BR> ; Default Value: 1<BR> ; Development Value: 1<BR> ; Production Value: 1<BR> ; http://php.net/session.gc-probability<BR> session.gc_probability = 1<BR>; Defines the probability that the 'garbage collection' process is started on every<BR> ; session initialization. The probability is calculated by using the following equation:<BR> ; gc_probability/gc_divisor. Where session.gc_probability is the numerator and<BR> ; session.gc_divisor is the denominator in the equation. Setting this value to 1<BR> ; when the session.gc_divisor value is 100 will give you approximately a 1% chance<BR> ; the gc will run on any give request. Increasing this value to 1000 will give you<BR> ; a 0.1% chance the gc will run on any give request. For high volume production servers,<BR> ; this is a more efficient approach.<BR> ; Default Value: 100<BR> ; Development Value: 1000<BR> ; Production Value: 1000<BR> ; http://php.net/session.gc-divisor<BR> session.gc_divisor = 1000<BR>; After this number of seconds, stored data will be seen as 'garbage' and<BR> ; cleaned up by the garbage collection process.<BR> ; http://php.net/session.gc-maxlifetime<BR> session.gc_maxlifetime = 1440<BR>; NOTE: If you are using the subdirectory option for storing session files<BR> ; (see session.save_path above), then garbage collection does *not*<BR> ; happen automatically. You will need to do your own garbage<BR> ; collection through a shell script, cron entry, or some other method.<BR> ; For example, the following script would is the equivalent of<BR> ; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):<BR> ; find /path/to/sessions -cmin +24 | xargs rm<BR>; PHP 4.2 and less have an undocumented feature/bug that allows you to<BR> ; to initialize a session variable in the global scope, even when register_globals<BR> ; is disabled. PHP 4.3 and later will warn you, if this feature is used.<BR> ; You can disable the feature and the warning separately. At this time,<BR> ; the warning is only displayed, if bug_compat_42 is enabled. This feature<BR> ; introduces some serious security problems if not handled correctly. It's<BR> ; recommended that you do not use this feature on production servers. But you<BR> ; should enable this on development servers and enable the warning as well. If you<BR> ; do not enable the feature on development servers, you won't be warned when it's<BR> ; used and debugging errors caused by this can be difficult to track down.<BR> ; Default Value: On<BR> ; Development Value: On<BR> ; Production Value: Off<BR> ; http://php.net/session.bug-compat-42<BR> session.bug_compat_42 = Off<BR>; This setting controls whether or not you are warned by PHP when initializing a<BR> ; session value into the global space. session.bug_compat_42 must be enabled before<BR> ; these warnings can be issued by PHP. See the directive above for more information.<BR> ; Default Value: On<BR> ; Development Value: On<BR> ; Production Value: Off<BR> ; http://php.net/session.bug-compat-warn<BR> session.bug_compat_warn = Off<BR>; Check HTTP Referer to invalidate externally stored URLs containing ids.<BR> ; HTTP_REFERER has to contain this substring for the session to be<BR> ; considered as valid.<BR> ; http://php.net/session.referer-check<BR> session.referer_check =<BR>; How many bytes to read from the file.<BR> ; http://php.net/session.entropy-length<BR> session.entropy_length = 0<BR>; Specified here to create the session id.<BR> ; http://php.net/session.entropy-file<BR> ; On systems that don't have /dev/urandom /dev/arandom can be used<BR> ; On windows, setting the entropy_length setting will activate the<BR> ; Windows random source (using the CryptoAPI)<BR> ;session.entropy_file = /dev/urandom<BR>; Set to {nocache,private,public,} to determine HTTP caching aspects<BR> ; or leave this empty to avoid sending anti-caching headers.<BR> ; http://php.net/session.cache-limiter<BR> session.cache_limiter = nocache<BR>; Document expires after n minutes.<BR> ; http://php.net/session.cache-expire<BR> session.cache_expire = 180<BR>; trans sid support is disabled by default.<BR> ; Use of trans sid may risk your users security.<BR> ; Use this option with caution.<BR> ; - User may send URL contains active session ID<BR> ; to other person via. email/irc/etc.<BR> ; - URL that contains active session ID may be stored<BR> ; in publically accessible computer.<BR> ; - User may access your site with the same session ID<BR> ; always using URL stored in browser's history or bookmarks.<BR> ; http://php.net/session.use-trans-sid<BR> session.use_trans_sid = 0<BR>; Select a hash function for use in generating session ids.<BR> ; Possible Values<BR> ; 0 (MD5 128 bits)<BR> ; 1 (SHA-1 160 bits)<BR> ; This option may also be set to the name of any hash function supported by<BR> ; the hash extension. A list of available hashes is returned by the hash_algos()<BR> ; function.<BR> ; http://php.net/session.hash-function<BR> session.hash_function = 0<BR>; Define how many bits are stored in each character when converting<BR> ; the binary hash data to something readable.<BR> ; Possible values:<BR> ; 4 (4 bits: 0-9, a-f)<BR> ; 5 (5 bits: 0-9, a-v)<BR> ; 6 (6 bits: 0-9, a-z, A-Z, "-", ",")<BR> ; Default Value: 4<BR> ; Development Value: 5<BR> ; Production Value: 5<BR> ; http://php.net/session.hash-bits-per-character<BR> session.hash_bits_per_character = 5<BR>; The URL rewriter will look for URLs in a defined set of HTML tags.<BR> ; form/fieldset are special; if you include them here, the rewriter will<BR> ; add a hidden field with the info which is otherwise appended<BR> ; to URLs. If you want XHTML conformity, remove the form entry.<BR> ; Note that all valid entries require a "=", even if no value follows.<BR> ; Default Value: "a=href,area=href,frame=src,form=,fieldset="<BR> ; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"<BR> ; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"<BR> ; http://php.net/url-rewriter.tags<BR> url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"<BR>
因为这个是在一台VPS上面配置的,上面有多个项目,于是小编打开一个项目,发现此项目的验证码功能是OK的。
于是查看代码如下:
$sessSavePath = "/data/sessions/";<BR> // Session保存路径<BR> if(is_writeable($sessSavePath) && is_readable($sessSavePath)){ session_save_path($sessSavePath); }<BR> if(!empty($cfg_domain_cookie)) session_set_cookie_params(0,'/',$cfg_domain_cookie);<BR>
上面这个代码是在session_start() 初始化之前来判断是否存在session会话的文件夹。
于是就在phpmyadmin里面的保存的那个文件/phpmyadmin/libraries/session.inc.php做了下修改:
if (! isset($_COOKIE[$session_name])) {<BR> // on first start of session we check for errors<BR> // f.e. session dir cannot be accessed - session file not created<BR> $orig_error_count = $GLOBALS['error_handler']->countErrors();<BR> //session_save_path('./tmp');<BR> session_save_path("/data/www/session");<BR> $r = session_start();<BR> if ($r !== true<BR> || $orig_error_count != $GLOBALS['error_handler']->countErrors()<BR> ) {<BR> setcookie($session_name, '', 1);<BR> /*<BR> * Session initialization is done before selecting language, so we<BR> * can not use translations here.<BR> */<BR> PMA_fatalError('Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly. Also ensure that cookies are enabled in your browser.');<BR> }<BR> unset($orig_error_count);<BR> } else {<BR> session_save_path("/data/www/session");<BR> session_start();<BR> }<BR>
在 session_start(); 前面添加了 session_save_path(“/data/www/session”); 就解决了这个问题。
切记通过@ini_set(‘session.save_path’, ”/data/www/session”);无效!
这个问题困扰了我几个小时,终于解决了,所以就记录下来,对日后应该会有帮助。
搞代码网(gaodaima.com)提供的所有资源部分来自互联网,如果有侵犯您的版权或其他权益,请说明详细缘由并提供版权或权益证明然后发送到邮箱[email protected],我们会在看到邮件的第一时间内为您处理,或直接联系QQ:872152909。本网站采用BY-NC-SA协议进行授权
转载请注明原文链接:Fatal error: session_start(): Failed to initialize storage module: files问题解决方法_php技巧
转载请注明原文链接:Fatal error: session_start(): Failed to initialize storage module: files问题解决方法_php技巧
