Fatal error: session_start(): Failed to initialize storage module: files问题解决方法


Posted in PHP onMay 04, 2014

之前编译安装的LNMP环境+phpmyamdin4.02的版本,今天突然出现这个问题:

Fatal error: session_start(): Failed to initialize storage module: files (path: ) in /data/www/phpmyadmin/libraries/session.inc.php on line 83

大致意思是session会话初始化的时候储存路径有误!第一反应就是查看php.ini的配置文件中的:
session.save_path = "/tmp"

默认前面是加的分号,表示不启用,我之前配置的时候已经启用了。那为什么还会报错呢?,于是网上找了一些资料,感觉都千篇一律:

1、检查error.log(Apache2.2\logs)文件,查看是否有错误报告。未发现。
2、检查php.ini中的session.save_handler的值是否为files,如果不是改为files
3、检查php.ini文件中session.save_path是否被注释了,如果有,则去掉前面的”;”。
4、将save_path后面的路径改成已有的路径,比如”D:\php\temp”
5、检查temp文件夹的属性是否可读可写。
6、重启APACHE服务器。OK

不知道那些哥们转载的时候自己试过了没有(在这里喷一下,最讨厌那种自己都没有亲测,就一股脑的转来转去。一点都不负责!)
根据上面的流程,排查了之后发现压根就没有解决,不过小编的服务器是nginx非apache。
然后自己写了一个脚本test.php:

$r = session_start(); 
var_dump($r);

打印结果为:
Warning: session_start(): SAFE MODE Restriction in effect. The script whose uid is 501 is not allowed to access /tmp owned by uid 0 in /data/www/test.php on line 3 Fatal error: session_start(): Failed to initialize storage module: files (path: ) in /data/www/test.php on line 3

意思是 php5一个安全模式的bug,默认session的save_path是系统的临时目录,这样会要校验权限。而这个脚本不能通过/tmp拥有者uid为0来执行uid是501也是www用户组的权限
解决这个有两种解决方法:

1.关闭安全模式;
2.在命令行下chown改文件/目录的拥有者

当然两种方法都要求你有服务器的权限。
下面是示例php.ini的配置文件:

[Session]
 ; Handler used to store/retrieve data.
 ; http://php.net/session.save-handler
session.save_handler = files; Argument passed to save_handler.  In the case of files, this is the path
 ; where data files are stored. Note: Windows users have to change this
 ; variable in order to use PHP's session functions. ; The path can be defined as:
 ;     session.save_path = "N;/path"
 ; where N is an integer.  Instead of storing all the session files in
 ; /path, what this will do is use subdirectories N-levels deep, and
 ; store the session data in those directories.  This is useful if you
 ; or your OS have problems with lots of files in one directory, and is
 ; a more efficient layout for servers that handle lots of sessions.
 ; NOTE 1: PHP will not create this directory structure automatically.
 ;         You can use the script in the ext/session dir for that purpose.
 ; NOTE 2: See the section on garbage collection below if you choose to
 ;         use subdirectories for session storage
 ; The file storage module creates files using mode 600 by default.
 ; You can change that by using
 ;     session.save_path = "N;MODE;/path"
 ; where MODE is the octal representation of the mode. Note that this
 ; does not overwrite the process's umask.
 ; http://php.net/session.save-path
 session.save_path = "/tmp"
; Whether to use cookies.
 ; http://php.net/session.use-cookies
 session.use_cookies = 1
; http://php.net/session.cookie-secure
 ;session.cookie_secure =
; This option forces PHP to fetch and use a cookie for storing and maintaining
 ; the session id. We encourage this operation as it's very helpful in combatting
 ; session hijacking when not specifying and managing your own session id. It is
 ; not the end all be all of session hijacking defense, but it's a good start.
 ; http://php.net/session.use-only-cookies
 session.use_only_cookies = 1
; Name of the session (used as cookie name).
 ; http://php.net/session.name
 session.name = PHPSESSID
; Initialize session on request startup.
 ; http://php.net/session.auto-start
 session.auto_start = 0
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
 ; http://php.net/session.cookie-lifetime
 session.cookie_lifetime = 0
; The path for which the cookie is valid.
 ; http://php.net/session.cookie-path
 session.cookie_path = /
; The domain for which the cookie is valid.
 ; http://php.net/session.cookie-domain
 session.cookie_domain =
; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
 ; http://php.net/session.cookie-httponly
 session.cookie_httponly =
; Handler used to serialize data.  php is the standard serializer of PHP.
 ; http://php.net/session.serialize-handler
 session.serialize_handler = php
; Defines the probability that the 'garbage collection' process is started
 ; on every session initialization. The probability is calculated by using
 ; gc_probability/gc_divisor. Where session.gc_probability is the numerator
 ; and gc_divisor is the denominator in the equation. Setting this value to 1
 ; when the session.gc_divisor value is 100 will give you approximately a 1% chance
 ; the gc will run on any give request.
 ; Default Value: 1
 ; Development Value: 1
 ; Production Value: 1
 ; http://php.net/session.gc-probability
 session.gc_probability = 1
; Defines the probability that the 'garbage collection' process is started on every
 ; session initialization. The probability is calculated by using the following equation:
 ; gc_probability/gc_divisor. Where session.gc_probability is the numerator and
 ; session.gc_divisor is the denominator in the equation. Setting this value to 1
 ; when the session.gc_divisor value is 100 will give you approximately a 1% chance
 ; the gc will run on any give request. Increasing this value to 1000 will give you
 ; a 0.1% chance the gc will run on any give request. For high volume production servers,
 ; this is a more efficient approach.
 ; Default Value: 100
 ; Development Value: 1000
 ; Production Value: 1000
 ; http://php.net/session.gc-divisor
 session.gc_divisor = 1000
; After this number of seconds, stored data will be seen as 'garbage' and
 ; cleaned up by the garbage collection process.
 ; http://php.net/session.gc-maxlifetime
 session.gc_maxlifetime = 1440
; NOTE: If you are using the subdirectory option for storing session files
 ;       (see session.save_path above), then garbage collection does *not*
 ;       happen automatically.  You will need to do your own garbage
 ;       collection through a shell script, cron entry, or some other method.
 ;       For example, the following script would is the equivalent of
 ;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
 ;          find /path/to/sessions -cmin +24 | xargs rm
; PHP 4.2 and less have an undocumented feature/bug that allows you to
 ; to initialize a session variable in the global scope, even when register_globals
 ; is disabled.  PHP 4.3 and later will warn you, if this feature is used.
 ; You can disable the feature and the warning separately. At this time,
 ; the warning is only displayed, if bug_compat_42 is enabled. This feature
 ; introduces some serious security problems if not handled correctly. It's
 ; recommended that you do not use this feature on production servers. But you
 ; should enable this on development servers and enable the warning as well. If you
 ; do not enable the feature on development servers, you won't be warned when it's
 ; used and debugging errors caused by this can be difficult to track down.
 ; Default Value: On
 ; Development Value: On
 ; Production Value: Off
 ; http://php.net/session.bug-compat-42
 session.bug_compat_42 = Off
; This setting controls whether or not you are warned by PHP when initializing a
 ; session value into the global space. session.bug_compat_42 must be enabled before
 ; these warnings can be issued by PHP. See the directive above for more information.
 ; Default Value: On
 ; Development Value: On
 ; Production Value: Off
 ; http://php.net/session.bug-compat-warn
 session.bug_compat_warn = Off
; Check HTTP Referer to invalidate externally stored URLs containing ids.
 ; HTTP_REFERER has to contain this substring for the session to be
 ; considered as valid.
 ; http://php.net/session.referer-check
 session.referer_check =
; How many bytes to read from the file.
 ; http://php.net/session.entropy-length
 session.entropy_length = 0
; Specified here to create the session id.
 ; http://php.net/session.entropy-file
 ; On systems that don't have /dev/urandom /dev/arandom can be used
 ; On windows, setting the entropy_length setting will activate the
 ; Windows random source (using the CryptoAPI)
 ;session.entropy_file = /dev/urandom
; Set to {nocache,private,public,} to determine HTTP caching aspects
 ; or leave this empty to avoid sending anti-caching headers.
 ; http://php.net/session.cache-limiter
 session.cache_limiter = nocache
; Document expires after n minutes.
 ; http://php.net/session.cache-expire
 session.cache_expire = 180
; trans sid support is disabled by default.
 ; Use of trans sid may risk your users security.
 ; Use this option with caution.
 ; - User may send URL contains active session ID
 ;   to other person via. email/irc/etc.
 ; - URL that contains active session ID may be stored
 ;   in publically accessible computer.
 ; - User may access your site with the same session ID
 ;   always using URL stored in browser's history or bookmarks.
 ; http://php.net/session.use-trans-sid
 session.use_trans_sid = 0
; Select a hash function for use in generating session ids.
 ; Possible Values
 ;   0  (MD5 128 bits)
 ;   1  (SHA-1 160 bits)
 ; This option may also be set to the name of any hash function supported by
 ; the hash extension. A list of available hashes is returned by the hash_algos()
 ; function.
 ; http://php.net/session.hash-function
 session.hash_function = 0
; Define how many bits are stored in each character when converting
 ; the binary hash data to something readable.
 ; Possible values:
 ;   4  (4 bits: 0-9, a-f)
 ;   5  (5 bits: 0-9, a-v)
 ;   6  (6 bits: 0-9, a-z, A-Z, "-", ",")
 ; Default Value: 4
 ; Development Value: 5
 ; Production Value: 5
 ; http://php.net/session.hash-bits-per-character
 session.hash_bits_per_character = 5
; The URL rewriter will look for URLs in a defined set of HTML tags.
 ; form/fieldset are special; if you include them here, the rewriter will
 ; add a hidden <input> field with the info which is otherwise appended
 ; to URLs.  If you want XHTML conformity, remove the form entry.
 ; Note that all valid entries require a "=", even if no value follows.
 ; Default Value: "a=href,area=href,frame=src,form=,fieldset="
 ; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
 ; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
 ; http://php.net/url-rewriter.tags
 url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

因为这个是在一台VPS上面配置的,上面有多个项目,于是小编打开一个项目,发现此项目的验证码功能是OK的。
于是查看代码如下:

$sessSavePath = "/data/sessions/";
 // Session保存路径
 if(is_writeable($sessSavePath) && is_readable($sessSavePath)){ session_save_path($sessSavePath); }
 if(!empty($cfg_domain_cookie)) session_set_cookie_params(0,'/',$cfg_domain_cookie);

上面这个代码是在session_start() 初始化之前来判断是否存在session会话的文件夹。
于是就在phpmyadmin里面的保存的那个文件/phpmyadmin/libraries/session.inc.php做了下修改:

if (! isset($_COOKIE[$session_name])) {
 // on first start of session we check for errors
 // f.e. session dir cannot be accessed - session file not created
 $orig_error_count = $GLOBALS['error_handler']->countErrors();
 //session_save_path('./tmp');
 session_save_path("/data/www/session");
 $r = session_start();
 if ($r !== true
 || $orig_error_count != $GLOBALS['error_handler']->countErrors()
 ) {
 setcookie($session_name, '', 1);
 /*
 * Session initialization is done before selecting language, so we
 * can not use translations here.
 */
 PMA_fatalError('Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly. Also ensure that cookies are enabled in your browser.');
 }
 unset($orig_error_count);
 } else {
 session_save_path("/data/www/session");
 session_start();
 }

在 session_start();  前面添加了  session_save_path(“/data/www/session”); 就解决了这个问题。
切记通过@ini_set(‘session.save_path', ”/data/www/session”);无效!
这个问题困扰了我几个小时,终于解决了,所以就记录下来,对日后应该会有帮助。

PHP 相关文章推荐
PHP 巧用数组降低程序的时间复杂度
Jan 01 PHP
php设计模式 Builder(建造者模式)
Jun 26 PHP
深入PHP内存相关的功能特性详解
Jun 08 PHP
解析php扩展php_curl.dll不加载的解决方法
Jun 26 PHP
php递归方法实现无限分类实例代码
Feb 28 PHP
ThinkPHP中ajax使用实例教程
Aug 22 PHP
使用PHP uniqid函数生成唯一ID
Nov 18 PHP
php5.4传引用时报错问题分析
Jan 22 PHP
利用PHP绘图函数实现简单验证码功能的方法
Oct 18 PHP
PHP回调函数与匿名函数实例详解
Aug 16 PHP
简单实现php上传文件功能
Sep 21 PHP
PHP过滤器 filter_has_var() 函数用法实例分析
Apr 23 PHP
PHPThumb图片处理实例
May 03 #PHP
PHP的preg_match匹配字符串长度问题解决方法
May 03 #PHP
PHP英文字母大小写转换函数小结
May 03 #PHP
php获取网卡的MAC地址支持WIN/LINUX系统
Apr 30 #PHP
php环境无法上传文件的解决方法
Apr 30 #PHP
php分页示例分享
Apr 30 #PHP
yii框架配置默认controller和action示例
Apr 30 #PHP
You might like
PHP高级编程实例:编写守护进程
2014/09/02 PHP
PHP程序员必须清楚的问题汇总
2014/12/18 PHP
PHP MVC框架路由学习笔记
2016/03/02 PHP
PHP-CGI远程代码执行漏洞分析与防范
2017/05/07 PHP
PHP实现驼峰样式字符串(首字母大写)转换成下划线样式字符串的方法示例
2017/08/10 PHP
thinkphp5修改view到根目录实例方法
2019/07/02 PHP
PHP设计模式(六)桥连模式Bridge实例详解【结构型】
2020/05/02 PHP
简单实用的js调试logger组件实现代码
2010/11/20 Javascript
JavaScript使用IEEE 标准进行二进制浮点运算产生莫名错误的解决方法
2011/05/28 Javascript
网站基于flash实现的Banner图切换效果代码
2014/10/14 Javascript
jQuery实现输入框邮箱内容自动补全与上下翻动显示效果【附demo源码下载】
2016/09/20 Javascript
js给table赋值的实例代码
2016/10/13 Javascript
vue多级多选菜单组件开发
2020/09/08 Javascript
js字符串与Unicode编码互相转换
2017/05/17 Javascript
jQuery滚动插件scrollable.js用法分析
2017/05/25 jQuery
vue.js加载新的内容(实例代码)
2017/06/01 Javascript
Sublime Text新建.vue模板并高亮(图文教程)
2017/10/26 Javascript
vue 系列——vue2-webpack2框架搭建踩坑之路
2017/12/22 Javascript
jQuery实现的模仿雨滴下落动画效果
2018/12/11 jQuery
详解如何提升JSON.stringify()的性能
2019/06/12 Javascript
vue 实现v-for循环回来的数据动态绑定id
2019/11/07 Javascript
Vue实现图片轮播组件思路及实例解析
2020/05/11 Javascript
分享8个JavaScript库可更好地处理本地存储
2020/10/12 Javascript
[05:31]干嘛呢兄弟!DOTA2 TI9语音轮盘部分出处
2019/05/14 DOTA
pycharm 使用心得(一)安装和首次使用
2014/06/05 Python
Python实现CET查分的方法
2015/03/10 Python
Python实现的生产者、消费者问题完整实例
2018/05/30 Python
使用 pytorch 创建神经网络拟合sin函数的实现
2020/02/24 Python
python+opencv3.4.0 实现HOG+SVM行人检测的示例代码
2021/01/28 Python
环境科学专业求职信
2014/08/04 职场文书
民主生活会主持词
2015/07/01 职场文书
2016教师廉洁教育心得体会
2016/01/13 职场文书
七年级作文(600字3篇)
2019/09/24 职场文书
python爬虫框架feapde的使用简介
2021/04/20 Python
MySQL触发器的使用
2021/05/24 MySQL
Python matplotlib可视化之绘制韦恩图
2022/02/24 Python