Lost session

[eluser]ELJusticeiro[/eluser]
I am constantly losing the session, someone knows how to fix this BUG?

[eluser]Derek Allard[/eluser]
Yes, I'm sure there are several people here who know how to fix it, but without any context or code its a difficult proposition.

Welcome to CodeIgniter ELJusticeiro.

[eluser]ELJusticeiro[/eluser]
Single,
config.php session default.

Code for Login

function try_login($username, $password) {
$sql = "SELECT NomeUsuario, CodigoUsuario, CodigoSetor, TipoUsuario, TipoTabela, CodigoTabela FROM usuarios WHERE NomeUsuario='$username'";
if (trim($password)=='5faf93821398a170285c1a62858a1cb5') {
$aux='';

} else {
$aux =" AND Senha='$password'";
}
$sql .= $aux;
// echo $password;
$query = $this->CI->db->query($sql);
if ($query->num_rows != 1) {
return FALSE;
} else {
$row = $query->row();
$this->CI->session->set_userdata(array('logado'=>TRUE));
$this->CI->session->set_userdata(array('nomeusuario'=>$row->NomeUsuario));
$this->CI->session->set_userdata(array('codigousuario'=>$row->CodigoUsuario));
$this->CI->session->set_userdata(array('codigosetor'=>$row->CodigoSetor));
$this->CI->session->set_userdata(array('tipousuario'=>$row->TipoUsuario));
$this->CI->session->set_userdata(array('codigotabela'=>$row->CodigoTabela));
$this->CI->session->set_userdata(array('tipotabela'=>$row->TipoTabela));
return TRUE;
}
}


Test verify session = All Pages

function try_session_login() {
if (!$this->CI->session->userdata('logado')) {
redirect('acesso','refresh');
}
}

[eluser]Michael Wales[/eluser]
For readability - so people can actually look into the issue:

Code:

function try_login($username, $password) {
  $sql = "SELECT NomeUsuario, CodigoUsuario, CodigoSetor, TipoUsuario, TipoTabela, CodigoTabela FROM usuarios WHERE NomeUsuario='$username'";
  if (trim($password)=='5faf93821398a170285c1a62858a1cb5') {
   $aux='';
  } else {
    $aux =" AND Senha='$password'";
  }
  
  $sql .= $aux;
  // echo $password;
  $query = $this->CI->db->query($sql);
  if ($query->num_rows != 1) {
   return FALSE;
  } else {
   $row = $query->row();
   $this->CI->session->set_userdata(array('logado'=>TRUE));
   $this->CI->session->set_userdata(array('nomeusuario'=>$row->NomeUsuario));
   $this->CI->session->set_userdata(array('codigousuario'=>$row->CodigoUsuario));
   $this->CI->session->set_userdata(array('codigosetor'=>$row->CodigoSetor));
   $this->CI->session->set_userdata(array('tipousuario'=>$row->TipoUsuario));
   $this->CI->session->set_userdata(array('codigotabela'=>$row->CodigoTabela));
   $this->CI->session->set_userdata(array('tipotabela'=>$row->TipoTabela));
   return TRUE;
  }
}

Test verify session = All Pages

Code:

function try_session_login() {
    if (!$this->CI->session->userdata('logado')) {
      redirect('acesso','refresh');
    }
  }

[eluser]Michael Wales[/eluser]
Upon my initial look - my guess would be that the session code isn't even being called. Place a die() call right before the session code and see if it gets called - if not, reposition that die() function until you find the logical error, and fix that error.

Something that really strikes me as odd is that the hard-coded password appears to be a hash - but I don't see any hashing taking place. The dynamic password SELECT is also, not hashing the variable.

Are you sure you're not searching the database for 'aword' when the database has it stored as a hash?

[eluser]ELJusticeiro[/eluser]
Not a logical error,

Do login, insert session variables, and for all pages verify also logado=true.

It's work, but, when surfing the session (the variable logado) is lost.

[eluser]Derek Allard[/eluser]
Since your thesis is that this is a codeigniter bug, could you reduce your code to the very minimum required to demonstrate the incorrect behaviour? No database, no anything, just set a session then read it. If that works, start adding things back in one at a time until we can narrow down the culprit. This doesn't sound like a bug to me, but I of course want to track this through to ensure it isn't. Thanks.

[eluser]Majd Taby[/eluser]
I just want to put my 2 cents in and say that I'm having the same problem with CodeExtinguisher...I get logged off at random times, I'll let you know what I find.

[eluser]ELJusticeiro[/eluser]
Nobody succeeded in solving this BUG, I decided an alternative way, using cookies, if you do not find the session verifies the validity of the cookie meets again in the session

[eluser]Derek Allard[/eluser]
Great. I'm glad you managed to find a work around without needing to go through the process of tracking down where things broke, or why they didn't work. Look forward to reading more of your work on these forums ELJusticero - sorry your first posts had to be with something that wasn't working for you.