Session does not seem to get regenerated in PHP7.2

[jwittekind]

Login works fine and succeeds. The login request returns with success message, but also redirects to login page again. Tested in PHP7.2 Apache Ubuntu 16.04

[lianglee]

Which ossn version you tried on php 7.2?

[jwittekind]

Just downloaded the current state of the repository of 5.x here on Github to check out the newest changes.

[lianglee]

Sessional not generated if your session storage location have no writable permission

[jwittekind]

@lianglee Im still getting a strange error here. When i'm trying to find the code where the login fails, i'm getting to the function of ossn_isLoggedin() which returns false even if the login itself succeeded. My session Storage doesnt seem to be the problem here. It's restoring a valid String from the Session Storage. But the following condition fails here: ossn.lib.users.php:55 if(isset($user) && is_object($user) && **$user instanceof OssnUser**) { return true; } The variable $user is not an instance of the Class OssnUser. When the session user object gets passed to the function forceObject it returns an Object starting with __PHP_Incomplete_Class::__set_state(... The instance check therefore fails

[lianglee]

There is place that force the instance to OssnUser, did you tried to run on different machine , can you tell what is your server configurations, php version, apache, etc ?

[jwittekind]

I just created a new Hosting environment on my Server it has a core Ubuntu server installed No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 16.04.4 LTS Release: 16.04 Codename: xenial Running on apache 2.4 and https

This error might be caused by reading the session data before it was included. The Classname of the object can not get parsed.

some things i found about that topic: https://stackoverflow.com/questions/2010427/php-php-incomplete-class-object-with-my-session-data this trick is a bit harsh and i didn't got to work it anyway http://www.waytowp.com/access-php-incomplete-class/

[jwittekind]

These is my current permission set up- the session folder is readable and the data is also received by the PHP inside the $_SESSION['OSSN_USER'] variable

[jwittekind]

The login action itself succeeds -> redirects to /home This second request to the page /home fails, because the user is not logged in and this redirects me back to the login page. This is going pretty fast and gives me a kind of strange result:

[jwittekind]

@lianglee Found the error: In ossn/system/start.php load all Classes before session_start(), to ensure dependencies for the deserialization of the session storage object of type OssnUser. OssnEntities and further required classes do not exist here.

I'm not making a commit, because i haven't set up my ssh keys for github yet

[lianglee]

So loading all classes only before session_start() ?

[jwittekind]

@lianglee right! I just moved the line down right below the loop of class imports, which made it work for me!