欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

Fatal error: session_start(): Failed to initialize storage module: files问题解决方法

程序员文章站 2022-06-29 08:37:16
之前编译安装的lnmp环境+phpmyamdin4.02的版本,今天突然出现这个问题:复制代码 代码如下:fatal error: session_start(): fai...

之前编译安装的lnmp环境+phpmyamdin4.02的版本,今天突然出现这个问题:

复制代码 代码如下:
fatal error: session_start(): failed to initialize storage module: files (path: ) in /data/www/phpmyadmin/libraries/session.inc.php on line 83

大致意思是session会话初始化的时候储存路径有误!第一反应就是查看php.ini的配置文件中的:
复制代码 代码如下:
session.save_path = "/tmp"

默认前面是加的分号,表示不启用,我之前配置的时候已经启用了。那为什么还会报错呢?,于是网上找了一些资料,感觉都千篇一律:

1、检查error.log(apache2.2\logs)文件,查看是否有错误报告。未发现。
2、检查php.ini中的session.save_handler的值是否为files,如果不是改为files
3、检查php.ini文件中session.save_path是否被注释了,如果有,则去掉前面的”;”。
4、将save_path后面的路径改成已有的路径,比如”d:\php\temp”
5、检查temp文件夹的属性是否可读可写。
6、重启apache服务器。ok

不知道那些哥们转载的时候自己试过了没有(在这里喷一下,最讨厌那种自己都没有亲测,就一股脑的转来转去。一点都不负责!)
根据上面的流程,排查了之后发现压根就没有解决,不过小编的服务器是nginx非apache。
然后自己写了一个脚本test.php:

复制代码 代码如下:

$r = session_start();
var_dump($r);

打印结果为:
复制代码 代码如下:

warning: session_start(): safe mode restriction in effect. the script whose uid is 501 is not allowed to access /tmp owned by uid 0 in /data/www/test.php on line 3 fatal error: session_start(): failed to initialize storage module: files (path: ) in /data/www/test.php on line 3

意思是 php5一个安全模式的bug,默认session的save_path是系统的临时目录,这样会要校验权限。而这个脚本不能通过/tmp拥有者uid为0来执行uid是501也是www用户组的权限
解决这个有两种解决方法:

1.关闭安全模式;
2.在命令行下chown改文件/目录的拥有者

当然两种方法都要求你有服务器的权限。
下面是示例php.ini的配置文件:

复制代码 代码如下:

[session]
 ; handler used to store/retrieve data.
 ; http://php.net/session.save-handler
session.save_handler = files; argument passed to save_handler.  in the case of files, this is the path
 ; where data files are stored. note: windows users have to change this
 ; variable in order to use php's session functions.

 ; the path can be defined as:

 ;     session.save_path = "n;/path"

 ; where n is an integer.  instead of storing all the session files in
 ; /path, what this will do is use subdirectories n-levels deep, and
 ; store the session data in those directories.  this is useful if you
 ; or your os have problems with lots of files in one directory, and is
 ; a more efficient layout for servers that handle lots of sessions.

 ; note 1: php will not create this directory structure automatically.
 ;         you can use the script in the ext/session dir for that purpose.
 ; note 2: see the section on garbage collection below if you choose to
 ;         use subdirectories for session storage

 ; the file storage module creates files using mode 600 by default.
 ; you can change that by using

 ;     session.save_path = "n;mode;/path"

 ; where mode is the octal representation of the mode. note that this
 ; does not overwrite the process's umask.
 ; http://php.net/session.save-path
 session.save_path = "/tmp"
; whether to use cookies.
 ; http://php.net/session.use-cookies
 session.use_cookies = 1
; http://php.net/session.cookie-secure
 ;session.cookie_secure =
; this option forces php to fetch and use a cookie for storing and maintaining
 ; the session id. we encourage this operation as it's very helpful in combatting
 ; session hijacking when not specifying and managing your own session id. it is
 ; not the end all be all of session hijacking defense, but it's a good start.
 ; http://php.net/session.use-only-cookies
 session.use_only_cookies = 1
; name of the session (used as cookie name).
 ; http://php.net/session.name
 session.name = phpsessid
; initialize session on request startup.
 ; http://php.net/session.auto-start
 session.auto_start = 0
; lifetime in seconds of cookie or, if 0, until browser is restarted.
 ; http://php.net/session.cookie-lifetime
 session.cookie_lifetime = 0
; the path for which the cookie is valid.
 ; http://php.net/session.cookie-path
 session.cookie_path = /
; the domain for which the cookie is valid.
 ; http://php.net/session.cookie-domain
 session.cookie_domain =
; whether or not to add the httponly flag to the cookie, which makes it inaccessible to browser scripting languages such as javascript.
 ; http://php.net/session.cookie-httponly
 session.cookie_httponly =
; handler used to serialize data.  php is the standard serializer of php.
 ; http://php.net/session.serialize-handler
 session.serialize_handler = php
; defines the probability that the 'garbage collection' process is started
 ; on every session initialization. the probability is calculated by using
 ; gc_probability/gc_divisor. where session.gc_probability is the numerator
 ; and gc_divisor is the denominator in the equation. setting this value to 1
 ; when the session.gc_divisor value is 100 will give you approximately a 1% chance
 ; the gc will run on any give request.
 ; default value: 1
 ; development value: 1
 ; production value: 1
 ; http://php.net/session.gc-probability
 session.gc_probability = 1
; defines the probability that the 'garbage collection' process is started on every
 ; session initialization. the probability is calculated by using the following equation:
 ; gc_probability/gc_divisor. where session.gc_probability is the numerator and
 ; session.gc_divisor is the denominator in the equation. setting this value to 1
 ; when the session.gc_divisor value is 100 will give you approximately a 1% chance
 ; the gc will run on any give request. increasing this value to 1000 will give you
 ; a 0.1% chance the gc will run on any give request. for high volume production servers,
 ; this is a more efficient approach.
 ; default value: 100
 ; development value: 1000
 ; production value: 1000
 ; http://php.net/session.gc-divisor
 session.gc_divisor = 1000
; after this number of seconds, stored data will be seen as 'garbage' and
 ; cleaned up by the garbage collection process.
 ; http://php.net/session.gc-maxlifetime
 session.gc_maxlifetime = 1440
; note: if you are using the subdirectory option for storing session files
 ;       (see session.save_path above), then garbage collection does *not*
 ;       happen automatically.  you will need to do your own garbage
 ;       collection through a shell script, cron entry, or some other method.
 ;       for example, the following script would is the equivalent of
 ;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
 ;          find /path/to/sessions -cmin +24 | xargs rm
; php 4.2 and less have an undocumented feature/bug that allows you to
 ; to initialize a session variable in the global scope, even when register_globals
 ; is disabled.  php 4.3 and later will warn you, if this feature is used.
 ; you can disable the feature and the warning separately. at this time,
 ; the warning is only displayed, if bug_compat_42 is enabled. this feature
 ; introduces some serious security problems if not handled correctly. it's
 ; recommended that you do not use this feature on production servers. but you
 ; should enable this on development servers and enable the warning as well. if you
 ; do not enable the feature on development servers, you won't be warned when it's
 ; used and debugging errors caused by this can be difficult to track down.
 ; default value: on
 ; development value: on
 ; production value: off
 ; http://php.net/session.bug-compat-42
 session.bug_compat_42 = off
; this setting controls whether or not you are warned by php when initializing a
 ; session value into the global space. session.bug_compat_42 must be enabled before
 ; these warnings can be issued by php. see the directive above for more information.
 ; default value: on
 ; development value: on
 ; production value: off
 ; http://php.net/session.bug-compat-warn
 session.bug_compat_warn = off
; check http referer to invalidate externally stored urls containing ids.
 ; http_referer has to contain this substring for the session to be
 ; considered as valid.
 ; http://php.net/session.referer-check
 session.referer_check =
; how many bytes to read from the file.
 ; http://php.net/session.entropy-length
 session.entropy_length = 0
; specified here to create the session id.
 ; http://php.net/session.entropy-file
 ; on systems that don't have /dev/urandom /dev/arandom can be used
 ; on windows, setting the entropy_length setting will activate the
 ; windows random source (using the cryptoapi)
 ;session.entropy_file = /dev/urandom
; set to {nocache,private,public,} to determine http caching aspects
 ; or leave this empty to avoid sending anti-caching headers.
 ; http://php.net/session.cache-limiter
 session.cache_limiter = nocache
; document expires after n minutes.
 ; http://php.net/session.cache-expire
 session.cache_expire = 180
; trans sid support is disabled by default.
 ; use of trans sid may risk your users security.
 ; use this option with caution.
 ; - user may send url contains active session id
 ;   to other person via. email/irc/etc.
 ; - url that contains active session id may be stored
 ;   in publically accessible computer.
 ; - user may access your site with the same session id
 ;   always using url stored in browser's history or bookmarks.
 ; http://php.net/session.use-trans-sid
 session.use_trans_sid = 0
; select a hash function for use in generating session ids.
 ; possible values
 ;   0  (md5 128 bits)
 ;   1  (sha-1 160 bits)
 ; this option may also be set to the name of any hash function supported by
 ; the hash extension. a list of available hashes is returned by the hash_algos()
 ; function.
 ; http://php.net/session.hash-function
 session.hash_function = 0
; define how many bits are stored in each character when converting
 ; the binary hash data to something readable.
 ; possible values:
 ;   4  (4 bits: 0-9, a-f)
 ;   5  (5 bits: 0-9, a-v)
 ;   6  (6 bits: 0-9, a-z, a-z, "-", ",")
 ; default value: 4
 ; development value: 5
 ; production value: 5
 ; http://php.net/session.hash-bits-per-character
 session.hash_bits_per_character = 5
; the url rewriter will look for urls in a defined set of html tags.
 ; form/fieldset are special; if you include them here, the rewriter will
 ; add a hidden <input> field with the info which is otherwise appended
 ; to urls.  if you want xhtml conformity, remove the form entry.
 ; note that all valid entries require a "=", even if no value follows.
 ; default value: "a=href,area=href,frame=src,form=,fieldset="
 ; development value: "a=href,area=href,frame=src,input=src,form=fakeentry"
 ; production value: "a=href,area=href,frame=src,input=src,form=fakeentry"
 ; http://php.net/url-rewriter.tags
 url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

因为这个是在一台vps上面配置的,上面有多个项目,于是小编打开一个项目,发现此项目的验证码功能是ok的。
于是查看代码如下:

复制代码 代码如下:

$sesssavepath = "/data/sessions/";
 // session保存路径
 if(is_writeable($sesssavepath) && is_readable($sesssavepath)){ session_save_path($sesssavepath); }
 if(!empty($cfg_domain_cookie)) session_set_cookie_params(0,'/',$cfg_domain_cookie);

上面这个代码是在session_start() 初始化之前来判断是否存在session会话的文件夹。
于是就在phpmyadmin里面的保存的那个文件/phpmyadmin/libraries/session.inc.php做了下修改:

复制代码 代码如下:

if (! isset($_cookie[$session_name])) {
 // on first start of session we check for errors
 // f.e. session dir cannot be accessed - session file not created
 $orig_error_count = $globals['error_handler']->counterrors();
 //session_save_path('./tmp');
 session_save_path("/data/www/session");
 $r = session_start();
 if ($r !== true
 || $orig_error_count != $globals['error_handler']->counterrors()
 ) {
 setcookie($session_name, '', 1);
 /*
 * session initialization is done before selecting language, so we
 * can not use translations here.
 */
 pma_fatalerror('cannot start session without errors, please check errors given in your php and/or webserver log file and configure your php installation properly. also ensure that cookies are enabled in your browser.');
 }
 unset($orig_error_count);
 } else {
 session_save_path("/data/www/session");
 session_start();
 }

在 session_start();  前面添加了  session_save_path(“/data/www/session”); 就解决了这个问题。
切记通过@ini_set(‘session.save_path', ”/data/www/session”);无效!
这个问题困扰了我几个小时,终于解决了,所以就记录下来,对日后应该会有帮助。