- Make sure session_start(); is called before any sessions are being called. So a safe bet would be to put it at the beginning of your page, immediately after the opening <?php tag before anything else. Also ensure there are no whitespaces/tabs before the opening <?php tag.
- After the header redirect, end the current script using exit(); (Others have also suggested session_write_close(); and session_regenerate_id(true), you can try those as well, but I’d use exit();)
- Make sure cookies are enabled in the browser you are using to test it on.
- Ensure register_globals is off, you can check this on the php.ini file and also using phpinfo(). Refer to this as to how to turn it off.
- Make sure you didn’t delete or empty the session
- Make sure the key in your $_SESSION superglobal array is not overwritten anywhere
- Make sure you redirect to the same domain. So redirecting from a www.yourdomain.com to yourdomain.com doesn’t carry the session forward.
- Make sure your file extension is .php (it happens!)
Reference: