CodeIgniter Forums
is this a bug? - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forum-20.html)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forum-23.html)
+--- Thread: is this a bug? (/thread-2886.html)



is this a bug? - El Forum - 08-29-2007

[eluser]alpar[/eluser]
I use sessions stored in a database, and enabled user agent matching.
Actually i had modified the original library to store all the data in the database, but i also checked the original library, and it seems that is the same.

when sawing the session id only 50 characters are saved like so
Code:
substr($this->CI->input->user_agent(), 0, 50)


Now imagine that the user agent is computed in such a way that the last character is a space. When you insert it in the database, MySQL will strip that off, inserting a string of length:49 characters. When re matching a string of 50 characters (with the last space) will not match a 49 character string(without it). So the session system gets useless for the user that is unfortunate enough to have such a user agent. I got one with suse linux 10.2 + firefox...

a solution: store and compare the md5 hash of the first 50 characters of the user agent.


is this a bug? - El Forum - 10-01-2007

[eluser]Derek Allard[/eluser]
Thanks Alpar. Fixed up.