PHP - /tmp permission error

Question

Basically, I have an .htaccess file, with php_value session.auto_start set to 1. So my session will start in any file.

However, now I have a script in my /functions folder, but it gives an error about the permissions of the /tmp, resulting in "Failed to write session data", though it doesn't use, start or do anything with the session.

Yet this produces an error, and to me, it looks like it cannot find the /tmp folder, which I do have. Files directly in my root folder (/) don't have this a problem.
I also tried setting the permissions of /tmp to 777, to no avail.

Thanks in advance

---

The error I'm getting

Warning: Unknown: open(/tmp/sess_cfed7db100fd58b62eaca2a519ebaf7a, O_RDWR) failed: Permission denied (13) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0

---

The script itself:

<?php
define ('INCLUDE_CHECK',true);
require('connect.php'); //This file doesn't use any sessions as well

if(isset($_POST['signupemail'])){
    $email = mysqli_real_escape_string($link, $_POST['signupemail']);
    $thearray = mysqli_fetch_array(mysqli_query($link, "SELECT COUNT(*) FROM `users` WHERE email=\"".$email."\""));

    if($thearray[0] > 0){
        echo '"This emailaddress is already in use"';
        exit;
    }
    echo "true";


} else if(isset($_POST['uname'])){

    if(!preg_match('/^[a-zA-Z0-9_-]{3,16}$/ ',$_POST['uname'])){
        echo '"<small>Please only use alphanumeric characters, underscores and hyphens</small>"';
        exit;
    }

    $uname = mysqli_real_escape_string($link, $_POST['uname']);
    $thearray = mysqli_fetch_array(mysqli_query($link, "SELECT COUNT(*) FROM `users` WHERE uname=\"".$uname."\"")); 
    $forbiddennames = array(1 => 'super-user','superuser', 'root', 'admin', 'administrator', 'system', 'website', 'site', 'owner', 'manager', 'founder','moderator');    

    if(in_array(strtolower($_POST['uname']), $forbiddennames)) {
        echo '"'.$_POST['uname'].' is a forbidden username"';
        exit;
    } 
    if($thearray[0] > 0){
        echo '"This username is already in use, please choose another"';
        exit;
    } 


    echo "true";

}
?>

I get the error when I just browse manually to my script, so without any $_POST parameters set. I use this script to verify one's email and/or password, and when checking, it stops, not knowing what to do with the result (gotten by AJAX).

Answer 1

Uhm, it turned out to be browser-related. When I tested it in FireFox, no problem. In Google Chrome, big problem.

I don't know what it was, but after deleting the cache, cookies, everything from my site, it worked perfectly. Seemed like it was searching for an old session.

Answer 2

I think i remember some php.ini setting that prevents access to files that are not in the webserver's directory tree. I don't know if that applies to files that are generated internally by php, though.

If you're running on Red Hat Enterprise linux, or some derivative like CentOs or Scientific Linux, it might also be a problem with selinux. Check if the problem goes away if you set selinux to permissive (sudo setenforce Permissive). If that "fixes" the problem, think twice about leaving selinux in Permissive mode, especially if your server is reachable from the internet, better learn about selinux and relabeling.