1

index.php

<?php
session_start();
header("Location: somewhere.php");
?>

<html>
  <head></head>

  <body>
  <?php $_SESSION['foo'] = 'bar'; ?>
  </body>
</html>

somewhere.php

<?php
session_start();
echo $_SESSION['foo'];
?>

I set a session variable in the body after a header call in index.php. Then it's found in somewhere.php. This happens even after restarting the browser. How is this happening?

Improve this question
2
  • Is the session value preserved from a previous call? Try changing the value to something else other than bar, and see what happens. Commented Jan 31, 2011 at 6:33
  • I've restarted the browser and it still persists. Have tried multiple values, everything I can think of. This was originally a serialized class but I simplified it to this. The problem persists. Commented Jan 31, 2011 at 6:35

4 Answers 4

Reset to default
2

Well, why not?

// starts session, sets cookie with session id
session_start();

// outputs Location header
header("Location: somewhere.php");

// rest of code keeps executing!

// sets session value foo
$_SESSION['foo'] = 'bar';

Just because you're outputting a Location header doesn't mean the rest of the script doesn't execute.
The session value is set and saved on the server, this is completely independent of whether headers have already been sent or not. The only header that needs to be send to the client is a cookie containing the session id, this can happen before or after populating the session values in the server's memory.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

I thought the page hit header(), and immediately changed location. If not then, then after the <head> has been read. But surely not after the whole page has run? I could swear that hasn't happened in other scripts...
@Steve The browser may or may not immediately change location after having received the header, but your server is still generating and sending the complete page. This may be subject to race conditions, where the browser reads the header and aborts the current page download to start a redirect, which may cause the server to abort the current script, which may mean the variable is not being set. That's a lot of maybes though. If you explicitly do not want further code to be executed, you need to die() after outputting the Location header.
It's a bird, it's a plane...no it's deceze, helping out again. Thanks!
Nice edit. +1 didn't know about all that, and die() makes sense.
2

EDIT: Erhm. I'm tired. I misunderstood your question. Feel free to ignore this post

Session variables are superglobals. A cookie gets set in the client's browser with a session id. Whatever you set in $_SESSION get's stored on the server linked to the client's session id. When the user browses to a web page, PHP automatically populates $_SESSION with any previous data, until the session has expired.

Improve this answer

1 Comment

Thanks anyway mate I thought you were onto something too :)
1

try this and see if you are getting the same results:

<?php
session_start();
unset($_SESSION['foo']);
header("Location: somewhere.php");
?>

Edit:

    <?php
    session_start();
    unset($_SESSION['foo']);
    header("Location: somewhere.php");
    exit;//maybe this will stop the script from setting that session
    ?>
Improve this answer

1 Comment

Strangely, I do get the same results. Thought it would be useless but does this tell me something?
0

Becuase when you compiler rached on 4th line "header("Location: somewhere.php");"
your control goes to somewhere.php
You can use this.

index.php

< ?php

session_start();

$_SESSION["foo"] = "bar";

header("Location: somewhere.php");

?> Surely It will run

Improve this answer

1 Comment

Actually, the problem is that a variable set AFTER the header is still found in the new page. It should not be set yet, as I understand it.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.