Is your PHP web script not allowing you to login? This could be caused by session.save_path not be set correctly or at all. In a shared hosting environment using a shared session.save_path can be a security risk. Sometimes on a shared host if session.save_path is correctly set to a shared path, PHP scripts will still not allow session logins. You can download a file at bottom of this page to check if your session.save_path is set and what path it is set to.

To fix this problem you need to change the session.save_path to a separate folder inside your account. One way to do this is edit your php.ini file. Locating access to the php.ini file will be different on various web hosting providers and some do not allow access. Once you locate the php.ini file, find session.save_path. If there is a (;) located in front of session.save_path then your session.save_path is not set just remove the (;) and save. If it is already set to a shared path and there is not a (;) deactivating the path, it will look something like (session.save_path = "/var/phpsessions"). You need to change it to something like (session.save_path = "your-account-path/phpsessions"). Then create the phpsessions folder where you just pointed to. If possible, place the folder in a location where it is not accessible on the web. If you only have access to web accessible folders on you hosting account, you can place a .htaccess file that blocks access from the web. You should also disable directory listings in the folder or you can place a blank index.html file in the folder.

If you have access to Apache configuration file httpd.conf, session.save_path can also be set there. If you do not have access to httpd.conf or php.ini, on some servers session.save_path can be set with a .htaccess file. In the .htaccess file you would add a line like (php_value session.save_path /path/phpsessions/).

By changing the session.save_path garbage collection will not work for the new folder. Meaning old session files will not be routinely deleted. Depending on what PHP applications you are using, this may cause a buildup of old session files. You can delete these manually. If your web host allows cron jobs, you can setup a cron job to do the garbage collection on a regular basis. You could also install a shell script or write code into the script that uses the session folder.