Fatal error: session_start(): Failed to initialize storage module: files问题解决方法

这篇文章主要介绍了Fatal error: session_start(): Failed to initialize storage module: files问题解决方法,需要的朋友可以参考下。

之前编译安装的LNMP环境+phpmyamdin4.02的版本,今天突然出现这个问题:

Fatal error: session_start(): Failed to initialize storage module: files (path: ) in /data/www/phpmyadmin/libraries/session.inc.php on line 83

大致意思是session会话初始化的时候储存路径有误!第一反应就是查看php.ini的配置文件中的:

session.save_path = "/tmp"

默认前面是加的分号,表示不启用,我之前配置的时候已经启用了。那为什么还会报错呢?,于是网上找了一些资料,感觉都千篇一律:

1、检查error.log(Apache2.2\logs)文件,查看是否有错误报告。未发现。

2、检查php.ini中的session.save_handler的值是否为files,如果不是改为files

3、检查php.ini文件中session.save_path是否被注释了,如果有,则去掉前面的”;”。

4、将save_path后面的路径改成已有的路径,比如”D:\php\temp”

5、检查temp文件夹的属性是否可读可写。

6、重启APACHE服务器。OK

不知道那些哥们转载的时候自己试过了没有(在这里喷一下,最讨厌那种自己都没有亲测,就一股脑的转来转去。一点都不负责!)

根据上面的流程,排查了之后发现压根就没有解决,不过小编的服务器是nginx非apache。

然后自己写了一个脚本test.php:

  1. $r = session_start();
  2. var_dump($r);

打印结果为:

  1. Warning: session_start(): SAFE MODE Restriction in effect. The script whose uid is 501 is not allowed to access /tmp owned by uid 0 in /data/www/test.php on line 3 Fatal error: session_start(): Failed to initialize storage module: files (path: ) in /data/www/test.php on line 3

意思是 php5一个安全模式的bug,默认session的save_path是系统的临时目录,这样会要校验权限。而这个脚本不能通过/tmp拥有者uid为0来执行uid是501也是www用户组的权限

解决这个有两种解决方法:

1.关闭安全模式;

2.在命令行下chown改文件/目录的拥有者

当然两种方法都要求你有服务器的权限。

下面是示例php.ini的配置文件:

  1. [Session]
  2. ; Handler used to store/retrieve data.
  3. ; http://php.net/session.save-handler
  4. session.save_handler = files; Argument passed to save_handler. In the case of files, this is the path
  5. ; where data files are stored. Note: Windows users have to change this
  6. ; variable in order to use PHP's session functions.
  7. ; The path can be defined as:
  8. ; session.save_path = "N;/path"
  9. ; where N is an integer. Instead of storing all the session files in
  10. ; /path, what this will do is use subdirectories N-levels deep, and
  11. ; store the session data in those directories. This is useful if you
  12. ; or your OS have problems with lots of files in one directory, and is
  13. ; a more efficient layout for servers that handle lots of sessions.
  14. ; NOTE 1: PHP will not create this directory structure automatically.
  15. ; You can use the script in the ext/session dir for that purpose.
  16. ; NOTE 2: See the section on garbage collection below if you choose to
  17. ; use subdirectories for session storage
  18. ; The file storage module creates files using mode 600 by default.
  19. ; You can change that by using
  20. ; session.save_path = "N;MODE;/path"
  21. ; where MODE is the octal representation of the mode. Note that this
  22. ; does not overwrite the process's umask.
  23. ; http://php.net/session.save-path
  24. session.save_path = "/tmp"
  25. ; Whether to use cookies.
  26. ; http://php.net/session.use-cookies
  27. session.use_cookies = 1
  28. ; http://php.net/session.cookie-secure
  29. ;session.cookie_secure =
  30. ; This option forces PHP to fetch and use a cookie for storing and maintaining
  31. ; the session id. We encourage this operation as it's very helpful in combatting
  32. ; session hijacking when not specifying and managing your own session id. It is
  33. ; not the end all be all of session hijacking defense, but it's a good start.
  34. ; http://php.net/session.use-only-cookies
  35. session.use_only_cookies = 1
  36. ; Name of the session (used as cookie name).
  37. ; http://php.net/session.name
  38. session.name = PHPSESSID
  39. ; Initialize session on request startup.
  40. ; http://php.net/session.auto-start
  41. session.auto_start = 0
  42. ; Lifetime in seconds of cookie or, if 0, until browser is restarted.
  43. ; http://php.net/session.cookie-lifetime
  44. session.cookie_lifetime = 0
  45. ; The path for which the cookie is valid.
  46. ; http://php.net/session.cookie-path
  47. session.cookie_path = /
  48. ; The domain for which the cookie is valid.
  49. ; http://php.net/session.cookie-domain
  50. session.cookie_domain =
  51. ; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
  52. ; http://php.net/session.cookie-httponly
  53. session.cookie_httponly =
  54. ; Handler used to serialize data. php is the standard serializer of PHP.
  55. ; http://php.net/session.serialize-handler
  56. session.serialize_handler = php
  57. ; Defines the probability that the 'garbage collection' process is started
  58. ; on every session initialization. The probability is calculated by using
  59. ; gc_probability/gc_divisor. Where session.gc_probability is the numerator
  60. ; and gc_divisor is the denominator in the equation. Setting this value to 1
  61. ; when the session.gc_divisor value is 100 will give you approximately a 1% chance
  62. ; the gc will run on any give request.
  63. ; Default Value: 1
  64. ; Development Value: 1
  65. ; Production Value: 1
  66. ; http://php.net/session.gc-probability
  67. session.gc_probability = 1
  68. ; Defines the probability that the 'garbage collection' process is started on every
  69. ; session initialization. The probability is calculated by using the following equation:
  70. ; gc_probability/gc_divisor. Where session.gc_probability is the numerator and
  71. ; session.gc_divisor is the denominator in the equation. Setting this value to 1
  72. ; when the session.gc_divisor value is 100 will give you approximately a 1% chance
  73. ; the gc will run on any give request. Increasing this value to 1000 will give you
  74. ; a 0.1% chance the gc will run on any give request. For high volume production servers,
  75. ; this is a more efficient approach.
  76. ; Default Value: 100
  77. ; Development Value: 1000
  78. ; Production Value: 1000
  79. ; http://php.net/session.gc-divisor
  80. session.gc_divisor = 1000
  81. ; After this number of seconds, stored data will be seen as 'garbage' and
  82. ; cleaned up by the garbage collection process.
  83. ; http://php.net/session.gc-maxlifetime
  84. session.gc_maxlifetime = 1440
  85. ; NOTE: If you are using the subdirectory option for storing session files
  86. ; (see session.save_path above), then garbage collection does *not*
  87. ; happen automatically. You will need to do your own garbage
  88. ; collection through a shell script, cron entry, or some other method.
  89. ; For example, the following script would is the equivalent of
  90. ; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
  91. ; find /path/to/sessions -cmin +24 | xargs rm
  92. ; PHP 4.2 and less have an undocumented feature/bug that allows you to
  93. ; to initialize a session variable in the global scope, even when register_globals
  94. ; is disabled. PHP 4.3 and later will warn you, if this feature is used.
  95. ; You can disable the feature and the warning separately. At this time,
  96. ; the warning is only displayed, if bug_compat_42 is enabled. This feature
  97. ; introduces some serious security problems if not handled correctly. It's
  98. ; recommended that you do not use this feature on production servers. But you
  99. ; should enable this on development servers and enable the warning as well. If you
  100. ; do not enable the feature on development servers, you won't be warned when it's
  101. ; used and debugging errors caused by this can be difficult to track down.
  102. ; Default Value: On
  103. ; Development Value: On
  104. ; Production Value: Off
  105. ; http://php.net/session.bug-compat-42
  106. session.bug_compat_42 = Off
  107. ; This setting controls whether or not you are warned by PHP when initializing a
  108. ; session value into the global space. session.bug_compat_42 must be enabled before
  109. ; these warnings can be issued by PHP. See the directive above for more information.
  110. ; Default Value: On
  111. ; Development Value: On
  112. ; Production Value: Off
  113. ; http://php.net/session.bug-compat-warn
  114. session.bug_compat_warn = Off
  115. ; Check HTTP Referer to invalidate externally stored URLs containing ids.
  116. ; HTTP_REFERER has to contain this substring for the session to be
  117. ; considered as valid.
  118. ; http://php.net/session.referer-check
  119. session.referer_check =
  120. ; How many bytes to read from the file.
  121. ; http://php.net/session.entropy-length
  122. session.entropy_length = 0
  123. ; Specified here to create the session id.
  124. ; http://php.net/session.entropy-file
  125. ; On systems that don't have /dev/urandom /dev/arandom can be used
  126. ; On windows, setting the entropy_length setting will activate the
  127. ; Windows random source (using the CryptoAPI)
  128. ;session.entropy_file = /dev/urandom
  129. ; Set to {nocache,private,public,} to determine HTTP caching aspects
  130. ; or leave this emptyempty to avoid sending anti-caching headers.
  131. ; http://php.net/session.cache-limiter
  132. session.cache_limiter = nocache
  133. ; Document expires after n minutes.
  134. ; http://php.net/session.cache-expire
  135. session.cache_expire = 180
  136. ; trans sid support is disabled by default.
  137. ; Use of trans sid may risk your users security.
  138. ; Use this option with caution.
  139. ; - User may send URL contains active session ID
  140. ; to other person via. email/irc/etc.
  141. ; - URL that contains active session ID may be stored
  142. ; in publically accessible computer.
  143. ; - User may access your site with the same session ID
  144. ; always using URL stored in browser's history or bookmarks.
  145. ; http://php.net/session.use-trans-sid
  146. session.use_trans_sid = 0
  147. ; Select a hash function for use in generating session ids.
  148. ; Possible Values
  149. ; 0 (MD5 128 bits)
  150. ; 1 (SHA-1 160 bits)
  151. ; This option may also be set to the name of any hash function supported by
  152. ; the hash extension. A list of available hashes is returned by the hash_algos()
  153. ; function.
  154. ; http://php.net/session.hash-function
  155. session.hash_function = 0
  156. ; Define how many bits are stored in each character when converting
  157. ; the binary hash data to something readable.
  158. ; Possible values:
  159. ; 4 (4 bits: 0-9, a-f)
  160. ; 5 (5 bits: 0-9, a-v)
  161. ; 6 (6 bits: 0-9, a-z, A-Z, "-", ",")
  162. ; Default Value: 4
  163. ; Development Value: 5
  164. ; Production Value: 5
  165. ; http://php.net/session.hash-bits-per-character
  166. session.hash_bits_per_character = 5
  167. ; The URL rewriter will look for URLs in a defined set of HTML tags.
  168. ; form/fieldset are special; if you include them here, the rewriter will
  169. ; add a hidden <input> field with the info which is otherwise appended
  170. ; to URLs. If you want XHTML conformity, remove the form entry.
  171. ; Note that all valid entries require a "=", even if no value follows.
  172. ; Default Value: "a=href,area=href,frame=src,form=,fieldset="
  173. ; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
  174. ; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
  175. ; http://php.net/url-rewriter.tags

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

因为这个是在一台VPS上面配置的,上面有多个项目,于是小编打开一个项目,发现此项目的验证码功能是OK的。

于是查看代码如下:

  1. $sessSavePath = "/data/sessions/";
  2. // Session保存路径
  3. if(is_writeable($sessSavePath) && is_readable($sessSavePath)){ session_save_path($sessSavePath); }
  4. if(!emptyempty($cfg_domain_cookie)) session_set_cookie_params(0,'/',$cfg_domain_cookie);

上面这个代码是在session_start() 初始化之前来判断是否存在session会话的文件夹。

于是就在phpmyadmin里面的保存的那个文件/phpmyadmin/libraries/session.inc.php做了下修改:

  1. if (! isset($_COOKIE[$session_name])) {
  2. // on first start of session we check for errors
  3. // f.e. session dir cannot be accessed - session file not created
  4. $orig_error_count = $GLOBALS['error_handler']->countErrors();
  5. //session_save_path('./tmp');
  6. session_save_path("/data/www/session");
  7. $r = session_start();
  8. if ($r !== true
  9. || $orig_error_count != $GLOBALS['error_handler']->countErrors()
  10. ) {
  11. setcookie($session_name, '', 1);
  12. /*
  13. * Session initialization is done before selecting language, so we
  14. * can not use translations here.
  15. */
  16. PMA_fatalError('Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly. Also ensure that cookies are enabled in your browser.');
  17. }
  18. unset($orig_error_count);
  19. } else {
  20. session_save_path("/data/www/session");
  21. session_start();
  22. }

在 session_start(); 前面添加了 session_save_path(“/data/www/session”); 就解决了这个问题。

切记通过@ini_set(‘session.save_path', ”/data/www/session”);无效!

这个问题困扰了我几个小时,终于解决了,所以就记录下来,对日后应该会有帮助。