+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived General Discussion (https://forum.codeigniter.com/forumdisplay.php?fid=21)
+--- Thread: Session logout problems (/showthread.php?tid=18652)
Session logout problems - El Forum - 05-13-2009
[eluser]Stu Green[/eluser]
Hiya,
Having problems with the session cookies. I'm getting logged out when just browsing around my sites when logged in. Sometimes (quite rightly) it times out after inactivity. But other times it just logs me out randomly.
This is for a CMS so it needs to allow page inactivity for 20 mins or so (in case they are writing a long page), but then it automatically updates the page every 30 seconds anyway, so there is always activity, but I want the session to stay logged in for 20 minutes before expiring.
I need the optimum, secure configuration for the session cookies - what do people recommend?
current set up is the following:
Code:
$config['sess_cookie_name'] = 'my_session';
$config['sess_expiration'] = 1800;
$config['sess_encrypt_cookie'] = TRUE;
$config['sess_use_database'] = TRUE;
$config['sess_table_name'] = 'ci_sessions';
$config['sess_match_ip'] = FALSE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update'] = 600;Please advise.
Session logout problems - El Forum - 05-13-2009
[eluser]Dam1an[/eluser]
Are you storing a lot of session data when you get logged out? Remember there is a 4K limit, and they encrypted, so you have a lot less then you think
Do you lose the entire userdata or just the logged_in flag?
Session logout problems - El Forum - 05-13-2009
[eluser]Thorpe Obazee[/eluser]
[quote author="Dam1an" date="1242271336"]Are you storing a lot of session data when you get logged out? Remember there is a 4K limit, and they encrypted, so you have a lot less then you think
Do you lose the entire userdata or just the logged_in flag?[/quote]
If it is like what Dam1an says, then you could probably use database sessions.
Session logout problems - El Forum - 05-13-2009
[eluser]Stu Green[/eluser]
Hey not sure what I'm losing to be honest, I'll have to try and find that out.
Storing is not a problem as the row is only about 1kb.
I am using DB sessions already.
Session logout problems - El Forum - 05-13-2009
[eluser]Thorpe Obazee[/eluser]
Ha. Yeah, didn't see that. That happens when you don't actually read everything in the first post
Could it be a browser problem?
Session logout problems - El Forum - 05-14-2009
[eluser]Dam1an[/eluser]
[quote author="haloweb" date="1242282711"]Hey not sure what I'm losing to be honest, I'll have to try and find that out.[/quote]
To view you're session data, stick the attatched profiuler in your libs directory and enable the profiler
Code:
$this->output->enable_profiler(true);(I can't take credit for creating this, but I can;t remember who did)
Session logout problems - El Forum - 05-14-2009
[eluser]Thorpe Obazee[/eluser]
Hmm... nice on Dam1an. This extension is quite helpful.
Session logout problems - El Forum - 05-14-2009
[eluser]Stu Green[/eluser]
Hey all thanks.
Please can someone just post the optimum settings for a secure, but quite lengthy session login.
It's for a CMS so it has to be secure but not keep logging me out every 5 minutes of inactivity. Also there are lots of AJAX calls that happen.
Thanks
Session logout problems - El Forum - 05-15-2009
[eluser]che_anj[/eluser]
hi I'm also having trouble with my logout. It does not totally destroy the session coz I did try to paste the url and it seems I can get into without entering my username and password
here's my code
Code:
function logout()
{
$this->session->sess_destroy();
redirect('login/index');
}any ideas thanks
Session logout problems - El Forum - 05-15-2009
[eluser]Michael Wales[/eluser]
What's your login code look like? Settings in config.php for sessions and cookies?