Yesterday I had a number of issues with our installation whereby when a user logs in they get another users profile. Exploring this I think they are getting the profile of any user who last logged in, (but I cannot be sure).
I assumed this was a database corruption so I restored from a backup but the problem remains.
If I remove the .htaccess file it all seems to work OK again however if I then rebuild the .htaccess file from the admin section the problem returns again.
I think this might be a wider php/mySQL issue on the server or this could also be a red herring.
The permissions look correct.
I am running 7.8.8 on Linux server, cPanel, php5.6, mySQL v.5.6 and Litespeed server.
Has anyone experienced this before or can shed any light on what might have happened to our server configurations?
Please can someone advise on how we correct this? I’m not a coder so this is way beyond my expertise.
In Admin / Diagnostic, download phpinfo file and check which path your PH is using for session.save_path
Then check that path in your file system, sometimes people find it has thousands of old files and Linux starts confusing itself. It could also have some other kind of file corrution. You can clear the session that dir if necessary (it should only break ongoing sessions, nothing else), just do it after work hours.
You can also try a few more repairs from Admin / Repairs, and all sorts of cache clearings you can find.
First of all many thanks for your reply, I really appreciate your help.
I have run the diagnostic and the session.save_path in the PHPinfo file reads this - /var/cpanel/php/sessions/ea-php56.
In the top level folder for this installation I have a user.ini file which has the following:-
; cPanel-generated php ini directives, do not edit
; Manual editing of this file may result in unexpected behavior.
; To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
; For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
[PHP]
asp_tags = Off
display_errors = Off
max_execution_time = 60000
max_input_time = 6000
max_input_vars = 1000
memory_limit = 1024M
session.save_path = “”
upload_max_filesize = 100M
post_max_size = 100M
session.gc_maxlifetime = 3600
zlib.output_compression = Off
As you can see the session path is blank. Should this contain /var/cpanel/php/sessions/ea-php56. ?
I also see when I run the MultiPHP INI Editor for this domain that the session path is blank here also.
Also, I’m sorry I did not quite understand your comment ‘You can clear the session that dir if necessary…’. How do I clear these? Please can you explain.
What you’re getting from “phpinfo” is the effective value, so it is what PHP decided to use since you were giving it a blank value. It’s probably some default, or just the name of your PHP executable directory.
You should set the session file to a specific directory for that purpose, and you need to make sure it is writeable by PHP.
This directory will contain session files, in my case they are called like this:
-rw------- 1 www-data www-data 0 Dec 18 16:48 sess_sgfmf1j8l56mqam70ddfu3d9lt
-rw------- 1 www-data www-data 0 Dec 18 16:52 sess_t7d4atguu1kje451i3vh4una1h
-rw------- 1 www-data www-data 0 Dec 18 16:49 sess_td5suat3q04t0g36imp8gbriir
-rw------- 1 www-data www-data 0 Dec 18 17:00 sess_tjqolv4bf9r7oo0jfebu1g2e64
-rw------- 1 www-data www-data 0 Dec 18 17:17 sess_tk7aqrn4kmuptb1tf8695fpa84
If you watch this directory you will see the files being created and deleted as sessions are opened or closed. You can clear these files to attempt fixing your problem. This will disrupt ongoing sessions, so make sure nobody’s using the system for work.
Another thing you can check in your phpinfo is the name of your PHP log file (this is not the same as suitecrm.log). In there you will surely have messages explaining why you can’t log in. It’s probably a good idea to start by checking this, maybe your problem has nothing to do with session files.