Hello!

Today sessions was forbidden to be written and crashed a few sites.
The strange thing is that sessions was trying to be saved under a users /tmp folder and not the server /tmp folder.

So one users sessions tried to be saved under another users tmp folder ??
This is NOT a client/user thing, where he set the session save path in his script or htaccess etc. It's PHP doing this.

In php.ini it say:

session.save_path = "N;/path"

Never seen this before actually - used to be /tmp (servers tmp).

Somehow, suddenly - PHP decided that "N;/path" is one users /tmp folder.

How can that be ?


I now changed it to /tmp on all servers since "N;/path" seems to buggy and dangerous.