| How to fix Sessions Safe Path Unwritable |
 When installing Joomla version 1.0.x or Mambo CMS (Content Management System) using web browser, the web based Joomla! installer pre-installation check screen displayed Not set, Unwritable in red for session save path parameter, indicating that the session save path is not defined in PHP.INI configuration file, not configured with correct permission or does not exist. If you continue installation, Joomla! still install but users will facing symptoms such as only can login to the front end but not the administrator backend, with the login process jumped back to login screen without any message such as incorrect user name or password.
Define session.save_path directive in PHP.INI If you have root access or control to the web host (for example, in VPS or dedicated server), edit the PHP.INI PHP configuration file in the web server to add in the environment variable. Normally the session.save_path directive is already included in the default PHP.INI, but been commented out. Add or edit the line so that it looks like below: session.save_path = /tmp Modify /tmp to the path to a folder that is writable by Apache web server process. If you don’t have shell access to the web host, such as in shared hosting, try asking hosting service provider to include the session save path parameter, or make the path writable. Include session.save_path in .htaccess file If you can’t modify PHP.INI global configuration file, or just want to make the change affect Joomla! or Mambo application only, create or edit the .htaccess file in the installation directory for Joomla! or Mambo, and add the following line (only works in Apache web server which configured to support .htaccess - most cPanel hosts do): php_value session.save_path '/tmp'Change the ‘/tmp’ to a folder that is writable and prefer to be a session saved folder by you which has been created first. The trick above should work if PHP is runing as a server module (ISAPI), which most did, and not as CGI mode. Use Local PHP.INI in the Joomla/Mambo folder If PHP is being run as CGI mode on the web server, or method above using .htaccess does’t work, try override the main global PHP.INI settings by using a localized PHP.INI file which located in the each and every directories for the application. However, the disadvantage is that users have to create lots of PHP.INI files as the override will be on folder by folder basis - those with local PHP.INI will be overrode, but not its parent or child sub-folders. This means that each folder that contains an executable PHP scripts must have its own PHP.INI file, such as in main root Joomla directory, /administrator/ folder and etc. To configure the PHP override, create a PHP.INI on the folder(s) inside Joomla! directory, and add the setting in following format: session.save_path = /tmpReplace the /tmp with the path that you want to use as the session saved path. Use ini_set(variable, value) to override session.save_path in Globals.php file If nothing mentioned above you can do, then try to edit globals.php file comes with Joomla. Firstly create a writable folder, and then edit the globals.php in root Joomla! directory. Add in the following line at the top, right after <?php line: ini_set('session.save_path','/tmp');
Change ‘/tmp’ to full path to the writable directory created. Then edit the following parameter. Look for:define( 'RG_EMULATION', 1 );Edit and change the line to: define( 'RG_EMULATION', 0 );Save the globals.php file. Add session save path parameter into Joomla’s PHP code If it’s impossible to change PHP.INI or add .htaccess, try to create a writable directory, recommended to be a directory named ’sessions’ inside $mosConfig_absolute_path folder which can be retrieved from the configuration.php itself, then add the following line in configuration.php file of Joomla!. session_save_path('public_html/session');
Change ‘public_html/session’ to the actual path to the writable directory created. Note that if you modify and change any Global Configuration settings in Joomla, the line above will be lost as the configuration.php file get rewritten. In the case, remember to replace back the hack above.
Add php_value for session.save_path in httpd.conf Apache configuration file Create a writable directory that can be accessed by Apache service, and then edit the Apache configuration file of httpd.conf. Add the following line to the bottom of the file: php_value session.save_path "C:\Temp\"Change the path “C:\Temp\” to the path to the folder created. Save the configuration file, and then restart Apache HTTPD service. Note: A lot has been saying about writable folder. In some cases, depending on owner and group, you may have to set the permissions to 777 (full read, write and execute) in order for Apache to be able to write into the directory. Above resolutions should work for both Linux, FreeBSD, Unix and Windows based web server. However in Windows, you may need to specify drive letter to the path. For example, ‘/tmp’ will be ‘C:/tmp’ in Windows. It’s also recommended to use forward slash (/) in the path to the folder instead of usual backslash (\). |
