• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[split] Broken database sessions (CodeIgniter 3.1.3 Released)

#1
Upgrade from 3.1.2 to 3.1.3 now has broken database sessions for me. Getting this in the logs:

ERROR - 2017-01-09 19:55:20 --> Severity: Warning --> Unknown: Failed to write session data (user). Please verify that the current setting of session.save_path is correct (ci_sessions) Unknown 0

Any ideas? This was fully functional until the upgrade. If I switch to file based sessions it starts working again.
Reply

#2
(01-10-2017, 04:10 AM)Narf Wrote:
(01-09-2017, 10:00 PM)skunkbad Wrote: Upgrade from 3.1.2 to 3.1.3 now has broken database sessions for me. Getting this in the logs:

ERROR - 2017-01-09 19:55:20 --> Severity: Warning --> Unknown: Failed to write session data (user). Please verify that the current setting of session.save_path is correct (ci_sessions) Unknown 0

Any ideas? This was fully functional until the upgrade. If I switch to file based sessions it starts working again.

There are 2 bugfixes in 3.1.3 against the Session library, both targeting the database driver:

https://github.com/bcit-ci/CodeIgniter/issues/4916
https://github.com/bcit-ci/CodeIgniter/issues/4923

However, I don't see how either of them could cause another issue.


For me, commenting out the following code in the session database driver allows me to log in again:

PHP Code:
if ($this->_lock === FALSE)
{
 
 return $this->_fail();
}
// Was the ID regenerated?
else 

What happens during login is pretty standard; the session ID is regenerated after a successful login.

I made a new forum post last night for this topic: https://forum.codeigniter.com/thread-67059.html

Any help is appreciated.
Reply

#3
https://www.codeigniter.com/user_guide/l...ase-driver

Does the database session table fit with the structure that was given? Maybe it needs a update?
Reply

#4
(01-10-2017, 11:14 AM)ivantcholakov Wrote: https://www.codeigniter.com/user_guide/l...ase-driver

Does the database session table fit with the structure that was given? Maybe it needs a update?


This is what I have with sess_match_ip set to FALSE:


Code:
CREATE TABLE IF NOT EXISTS `ci_sessions` (
 `id` varchar(128) NOT NULL,
 `ip_address` varchar(45) NOT NULL,
 `timestamp` int(10) unsigned DEFAULT 0 NOT NULL,
 `data` blob NOT NULL,
 PRIMARY KEY (`id`),
 KEY `ci_sessions_timestamp` (`timestamp`)
) ENGINE = MyISAM DEFAULT CHARSET utf8 COLLATE utf8_general_ci;


and CI user guide suggests:


Code:
CREATE TABLE IF NOT EXISTS `ci_sessions` (
       `id` varchar(128) NOT NULL,
       `ip_address` varchar(45) NOT NULL,
       `timestamp` int(10) unsigned DEFAULT 0 NOT NULL,
       `data` blob NOT NULL,
       KEY `ci_sessions_timestamp` (`timestamp`)
);
ALTER TABLE ci_sessions ADD PRIMARY KEY (id);


so seems the same to me.
Reply

#5
@skunkbad

Database session driver, actual session table structure, initially empty table, CI 3.1.3, MySQL 5.7.16-0ubuntu0.16.10.1 - (Ubuntu), PHP 7.0.8-3ubuntu3

Works for me, can't see an error.

Edit: The application is different, a CMS of mine.
Reply

#6
(01-10-2017, 12:28 PM)ivantcholakov Wrote: @skunkbad

Database session driver, actual session table structure, initially empty table, CI 3.1.3, MySQL 5.7.16-0ubuntu0.16.10.1 - (Ubuntu), PHP 7.0.8-3ubuntu3

Works for me, can't see an error.

I don't see an error on PHP 7 either, only PHP 5.5. I guess it could be something else, like my MariaDB version. I don't know. The PHP 5.5 box actually has a more current version of MariaDB than my PHP 7 box. I'm going to try to come up with a minimalistic example of how to make it fail, but that won't be until tonight because I have no PHP 5.5 box here at work.
Reply

#7
So, in regards to my problem with sessions and PHP 5.5, I can reproduce the problem. In the session database driver, the recent change adding the following code is the problem:


PHP Code:
if ($this->_lock === FALSE)
{
  return $this->_fail();
}
// Was the ID regenerated?
else 


To duplicate the problem, I can simply create a test controller and run it:



PHP Code:
<?php

class Test extends CI_Controller{
    
    public 
function __construct()
    {
        parent::__construct();
    }

    public function index()
    {
 
       // This could be below the session regeneration, and still has a problem
        $this->load->helper('url');
        header"Location: " site_url'test/redirect_target' ), TRUE302 );

        $this->session->set_userdata'foo''bar' );

        $this->session->sess_regenerateTRUE );
    }

    public function redirect_target()
    {
        echo '<pre>';
        print_r$_SESSION );
        echo '</pre>';
    }



When the code in the session database driver is in place, "foo" is not shown in the session once redirected.

If the code in the session database driver is commented out, "foo" is shown in the session once redirected.

This is in a new install of CodeIgniter 3.1.3 on Ubuntu 14.04:

PHP Version 5.5.9-1ubuntu4.20

MariaDB version 10.1.20-MariaDB-1~trusty - mariadb.org binary distribution

Database client version: libmysql - mysqlnd 5.0.11-dev - 20120503 - $Id: bf9ad53b11c9a57efdb1057292d73b928b8c5c77 $

There isn't anything special about this LAMP setup, it's just a basic webserver. You're probably not seeing a bunch of people reporting a problem because maybe the database driver is not popular? I can try other PHP 5.5 servers if necessary. PHP 7 works fine for some reason.

Edit --------

After more testing, it seems like the problem is using sess_regenerate with the parameter set to TRUE. I can even do this and instantly have an error with CI 3.1.3:


PHP Code:
<?php

class Test extends CI_Controller{
    
    public 
function __construct()
    {
        parent::__construct();
    }

    public function index()
    {
        $this->session->set_userdata'foo''bar' );
        $this->session->sess_regenerateTRUE );

        echo '<pre>';
        print_r$_SESSION );
        echo '</pre>';
    }

Reply

#8
@skunkbad

MyISAM -> InnoDB , maybe?
Reply

#9
(01-11-2017, 02:16 AM)ivantcholakov Wrote: @skunkbad

MyISAM -> InnoDB , maybe?

Nope. Switched tables to InnoDB and no difference.
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


Users browsing this thread:
1 Guest(s)


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2017 MyBB Group.