Yesterday, when I was creating a new plugin for my friend Stefan Vervoort, I needed sessions to work. Unfortunately, WordPress doesn’t support them?!
I searched the whole source code of this great piece of blogging software, and not on one single line I found even one session. Also the session_start() function is not called, but I still needed my sessions to work 
.
So I started searching Google for a fix of my problem. I found a lot of people asking the same question: “Why do sessions not work in WordPress?” Finally I found a solution to fix this little issue and guess what, it is a simple one.
The Solution
The only thing you have to do is call session_start(); before any output is send to the client. Now you might think: Nice, but what happens when I upgrade my WordPress installation to the latest version? Well, yes, your changes will be lost. That is the reason why we first should think of where to add these changes..
Normally upgrading your installation will replace all files, except one. Yes, it is the wp-config.php file. And even better, there isn’t send any output to a client yet, when this file is loaded.
So, we add the next lines of code to our wp-config.php file:
1 2 3 4 5 |
/**
* Enable sessions
*/
if (!session_id())
session_start();
|
And sessions are enabled on your blog!
I think the best place to add these lines is at the top of the config file, so immediately after the php starting tag (<?php). This prevents errors in WordPress/Plugins/Themes from breaking it.
In your theme/plugin
As some of people have suggested in the comments, using the wp-config file might not always be the best solution.
Add the next piece of code to your functions.php or plugin file to enable sessions:
1 2 3 4 5 6 7 8 9 10 11 12 |
/**
* init_sessions()
*
* @uses session_id()
* @uses session_start()
*/
function init_sessions() {
if (!session_id()) {
session_start();
}
}
add_action('init', 'init_sessions');
|
I hope this will help you out when facing the same problem.
Thanks a lot. It can be so simple.
Or use functions.php:
if ( !session_id() )
add_action( ‘init’, ‘session_start’ );
It’s working in local server.. but session has not set in remote server…. how to solve it.
Thanks
Bala
Oh man thxxxx…. I am brazilian and i was looking for the solution to the day. Sorry for google translate.
You can place the code snippet in the functions.php of your theme, or create a plugin in wp-content/plugins and your change won’t be lost when upgrading.
@Mike Thanks, good solution
Does the session not need to be closed afterwards?
If so, how do I do that?
I seem to be the only person where your solution does not work. Newbie here so it might well be operator error.
I was using ob_start / if (session_id == ”) start_session in an include file used by all the pages – that didn’t work
Changed the wp-config.php file per your suggestion. that didn’t work — removed by code from the include file and that didn’t work
Running 3.2.1 with the wptdacaiberry theme
Here’s the .htaccess file:
# BEGIN WordPress
RewriteEngine On
# Options +FollowSymLinks
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
I apologize for pestering you with this. Please let me know where I might ask this question.
Thank you
In wp-includes/load.php, removed references to $_SESSION where $_GLOBALS[$k] is nulled and unset.
Thank you
Thanks man.You are a star!Had spent hours trying to figure this out.Your solution works well.
I can set my sessions fine and they work on that page but if I go to another page I loose them. I tried removing the reference to sessions in the load.php but that didn’t help. Is there something I am missing? Do I need to make Sessions global somewhere?
Hi Frank,
I found this post and its comments to be very helpful. I’ve done some more research and have posted the results and a link to this blog post in http://devondev.com/2012/02/03/using-the-php-session-in-wordpress/ I cover the aspects of using this in a plugin, destroying the session on logout and login, and problems associated with register_globals.
Thanks for getting me started on a full solution to this.
/peter
@Kelly, are both your pages on the same subdomain. note that forbear.com and http://www.foobar.com are different subdomains and therefore have different sessions. WordPress usually takes care of redirecting from one to the other, but that is one other possibility.
/peter
Hi Frank, your solution works perfect, but it’s better to add it trough the init action hook, since it’s just not ment to be in the config file.
You can add it as a plugin or just directly in your functions.php.
I’ve read your post first, but this post made me change it to an init action. You might want to update your post.
Regards.
THAAAAAAAAAAANKS Man!
Hi Frank,
I just wanted to let you know that I released a plugin that incorporates all this. It only starts the session if it’s not already started and destroys it at logout and login. It also provides functions to get and set session values. The plugin can be found at http://wordpress.org/extend/plugins/simple-session-support/ in the repository.
Thanks again/peter
Hey Peter,
This is a nice resource for developers!
One tip for developers who intend to use it though: you should include it in your own plugin. Otherwise you will have to rely on people with absolutely no knowledge about these kind of things to have this plugin installed, which is generally not a very good idea.
Thanks Frank,
I agree, my simple plugins are best used as examples for developers. WordPress hasn’t been able to make dependencies work for themes, let alone plugins.
/peter
Thank you so much!!!
Oh, thank you, i really need now.