1

We are running a web-app, that has a User portal and an Admin Portal. We have implemented a Feature for Our Customer Rep to be able to log-in as customer and perform actions on their behalf.

Our Working Stack is:

Php 7.1.2

MySql 5.8

Redis 5.1.0 (Cache & Session Management)

Yii 2.0.15

Ubuntu 18.04

User portal is let's say abc.com & Admin Portal is say admin.abc.com

the implementation of the feature is like following: On the new tab, currently on admin.abc.com

ini_set('session.save_path', 'tcp://127.0.0.1:6379?prefix=AT_R_');
$sessionCookieName = "AT_R_LOCAL_SESSID";
session_set_cookie_params(3600, '/', '.abc.com', false, true);
session_name($sessionCookieName);
session_regenerate_id(true);
session_start();

// after this, we set the User Data in session using
$session = Yii::$app->session;
foreach ($user->attributes as $key => $val)
    $session[$key] = $val;
}

and at last, we redirect the page to abc.com

The above functionality is working perfectly till Php 7.1.2, recently to implement a new feature we had to upgrade to PHP 7.2.3

After the upgrade, the Login as Customer feature has stopped working, We debugged and checked the session, The User data that is supposed to be set on to User Domain isn't getting set.

On debugging more, I found out that, the session is being set until we are onto the admin portal, I tried printing out $_SESSION, session_name(), session_get_cookie_params(). All seems perfect, but when the page is redirected from Admin Portal to User Portal, there's nothing in $_SESSION.

On the initial hit where the request comes to User Portal, I printed out $_SESSION, session_name(), session_get_cookie_params() again to verify, Except for $_SESSION everything is as it should. Just that $_SESSION gives an empty session.

More Info, If we do a regular Login on the User Portal, Session is getting set as it should. So my understanding is there is no issue with PHP-Redis communication.

On searching more, found out that working of session_name() has some changes since 7.2 Session_name() documentation

Update1:

The Functionality is working in PHP7.1 running without Docker ie in Local & Production.

On our staging server, which is on Docker; the above functionality doesn't work.

Might be due to the "/" param given in set_cookie_params.. Not sure though.

Update 2:

The above mentioned functionality doesn't work in 7.2, 7.3, 7.4

the session.save_path is tcp://127.0.0.1:6379?prefix=AT_R_.

session.save_path is valid for php7.1, but in 7.2+ I get an error saying: invalid directory Session save path is not a valid directory: tcp://127.0.0.1:6379?prefix=AT_R_ in /var/www/php-aertrip/vendor/yiisoft/yii2/web/Session.php:352

Please suggest how to fix this issue.

Thanks in advance.

Gunnrryy
  • 350
  • 1
  • 5
  • 17
  • First check if the problem has to do with yii – Wolfgang Blessen May 13 '20 at 18:12
  • I have posted the query along with this post in yii2 forum as well.. like here there also no response... – Gunnrryy May 13 '20 at 18:20
  • As far as I have checked all the operations i am doing above, i tried doing with the Yii fashion as well, but no luck... Original functionality was implemented using core php functions as I have mentioned in the code.. really not sure what is going wrong – Gunnrryy May 13 '20 at 18:22

0 Answers0