• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Session lost AJAX CI 3.x

#1
Hi,

I have a big issue, my site use hard AJAX request, in that request we set or get some sessions variables, but we detected that after we set the sessions we get correctly the information of the sessions. ex:

echo $this->session->userdata("uid");
Result: iywgc87123rfvc2345thbvc45tygerfgv;

But if we make some AJAX request after to set the session and print the same variable we have an error that said that the property not are set... and if we print all session information the array is empty.

We are using the files driver, and the session are created in files.

We found in others forums that in CI 2.x had the same issues with AJAX, and found some classes that extend the Session library, but that libraries not works for CI 3.x

This is my config:

$config['sess_driver'] = 'files';
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 7200;
$config['sess_save_path'] = sys_get_temp_dir();
$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 300;
$config['sess_regenerate_destroy'] = FALSE;

So, some can help me pls? exist some fix for this?
Reply

#2
This has been a long standing issue with codeigniter from what i recall, i remember having these problems in 1.7.X i believe? From what i've read previously it's down to a race condition although i'm not sure of the specifics, i've noticed it happens more often when you have regular ajax requests being made in the background, it is quite a big flaw for an application framework.

Have you tried setting the sessions so they do not expire or rotate the session ID, i've found this helps with the ajax+sessions issue although it's not really a good solution as it's not great from a security perspective to have sessions which never expire at all regardless of if the users browser is still pinging the server in the background or not.

If anyone has better info on this issue and how to work around it i would also be interested to hear of a better solution.
Reply

#3
When you are SURE that this is not a CSRF issue, then your only option is to not allow AJAX calls to change the session data.

Look at system/libraries/Session/Session.php LINE 145: it would seem this issue is not present anymore. The session only updates on non-AJAX requests. I recall this being solved a long time ago.

Check the network tab in your browser console, what is the reply there?
Reply

#4
Hello
Yes It seems Codeigniter has fixed this issue in the Session.php Library!! But I have experienced something similar but in a different manner! When you perform the first ajax request to the server everything goes fine!! When you execute the same ajax immediately after the first one has completed you experience a lagging and some NOT ALL of the session variables get lost!!

But If you wait for a minimum of 5-10sec, then perform the same ajax request everything goes fine!! I think there's a serious issue that still going on with Codeigniter Session!!

I have Just upgraded From Codeigniter 2 to 3 successfully! And am using the files driver session with heavy ajax request!!
Funny enough!! Some of my ajax requests works just fine, except the ones from ones who's links are within table tags <td></td>!! But they both use the same ajax request Function.

So I have failed to understand whether its codeignitor!! Or something to do with AJAX!!

Another thing is that when i take the url of the same ajax request that has issues and post it on the browser url tab everything goes fine!

I have seen other posts including the codeigniter documentation itself that we should use the session_write_close(); but going through the Session Class itself seems like Codeignitor 3 runs this function already!!

I have also realized that for firefox it is much better! The session variables are all intact! but the extra delay still exists on the second ajax call!!
I am using Xampp on windows offline!

And also when i upload the project on the server online!! Its works Fine!! I am surely left with nothing to say!!

Kindly assist on this!!
Regards!
Reply

#5
Did you read this?

CodeIgniter User Guide - A note about concurrency
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2019 MyBB Group.