share session with non YII application

I want to explain if I have another system that will use session that assigned by YII application.

This is my session config in component …

        'session' => array(


            'cookieMode' => 'allow',

            'savePath' => dirname(__FILE__).DIRECTORY_SEPARATOR.'..'.DIRECTORY_SEPARATOR.'runtime'.DIRECTORY_SEPARATOR,

            'cookieParams' => array(




Of course, for the other application that don’t used YII, I’ve set the session configuration to read the same path with my YII application. It works when I check it in my localhost machine, but the problem rise when I upload into the Internet and check it, my app doesn’t work.

The problems is relay on the way that YII write into session file (currently I assume like that).

When I opened the file of session that generated by YII, in localhost it doesn’t encrypted; but when I deploy it, the content get encrypted.

Please, somebody can give me a hint or explanation to fix my problem?

  • sorry for my English …


If you have php_suhosin on your prod server, try to disable it. Or disable session encryption into suhosin options.

Thank you Weavora … will try to check it now …

Hi Weavore, Thank you and yes, you’re right and when I check it Suhosin installed in my Server with this code …


if (!extension_loaded('suhosin')) {

    if (!dl('')) {

        // Extension not loaded.

        echo 'not loaded';




    echo 'loaded';


I’ll search to know if I can disabled Suhosin session encrypt, because currently my app installed in shared server environment and Suhosin like an alien for me … I never know it before …