+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: zombie session information? (/showthread.php?tid=64663)
Pages:
1
2
zombie session information? - michaelh99 - 03-18-2016
My apologies if this is covered somewhere else. A googling and search here came up with too many unrelated hits.
I've got an issue where session data comes back from the dead.
I'm using 3.0.5 with file based sessions and saving the fact when a user logs out by unsetting a session variable.
I've added all sorts of logging and can clearly see that the session var is cleared and right after the next redirect, the variable is set again to what it used to be.
Is there something I've missed? Forcing the persistence before a redirect?
One other detail...
If I delete all the session files, things work as expected for about 3 iterations (of log in log out) and then stops working again.
RE: zombie session information? - InsiteFX - 03-19-2016
Did you use this?
$this->session->sess_destroy();
RE: zombie session information? - michaelh99 - 03-19-2016
No, I didn't want to destroy all the session data but just one variable. I'm using
$this->CI->session->unset_userdata('name');
RE: zombie session information? - michaelh99 - 03-19-2016
It looks like this was caused by not setting my cookie domain and/or prefix for my local development site, which explains why I only had this problem locally.
I had them both as blank.
So far things seem to be working as expected after setting them to non-blank values and different from the live site
RE: zombie session information? - michaelh99 - 03-19-2016
I don't know when a moderator will approve my replies but it looks like I was wrong about this working. It looks like if the session is old enough, variables still come back from the dead.
At the moment my theory is that it's related to the session sess_time_to_update setting (300) but that's a guess on my part.
RE: zombie session information? - arma7x - 03-19-2016
Does your $config['base_url'] is empty or filled incorrectly ?
RE: zombie session information? - michaelh99 - 03-19-2016
It's filled in correctly...
$config['base_url'] = 'http://netsuke.danceminder.com/';
which resolves to my local test server
I'm also wondering if there's a collision with my cookie name on the live server. I'm making that unique too.
RE: zombie session information? - arma7x - 03-19-2016
Maybe you should dump session data before & after. Make sure the item you unset is exist/valid
RE: zombie session information? - michaelh99 - 03-20-2016
That's what I was doing in this step "I've added all sorts of logging and can clearly see that the session var is cleared and right after the next redirect, the variable is set again to what it used to be." in my original post.
It looks like it was a combination of cookie errors.
after making sure that the cookie prefixes were set for the local server and using a unique prefix per test environment and having the sessions be destroyed on regeneration and clearing all the old cookies out of my browser, everything seems to be working now
RE: zombie session information? - arma7x - 03-20-2016
Did you working on subdomain? What is your storage driver?