+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: Session Problem (/showthread.php?tid=67947)
Pages:
1
2
Session Problem - Attiq - 04-29-2017
I develop an application in code igniter. I have problem with sessions. When my application user log into their account, it shows the other user session name. I am using bluehost hosting and this problem holds only with bluehost hosting, because the same application hosted on godaddy hosting works properly. kindly tell me what is the problem exactly? is it hosting problem or something else ...
RE: Session Problem - PaulD - 04-29-2017
Can you show where $result comes from?
If you are accidentally getting all your user data, the foreach loop will loop through them all and return the last user found, not the current user.
You should, limit the query to one result and test if the result was found or not.
RE: Session Problem - webdev25 - 04-29-2017
There may be a better way to do this depending on where and how you're getting $result, see if something like this helps:
PHP Code:
if( $result->num_rows() ) {
$user = $result->row();
$this->session->set_userdata(array(
'user_id' => $user->user_id,
'user_name' => $user->user_name,
'role' => $user->role,
'cate_permission' => $user->cate_permission,
'password' => $user->password,
'email' => $user->email,
'pages_permissions' => $user->pages_permissions,
'show_company_detail' => $user->show_company_detail,
'account_status' => $user->account_status,
'logged_in' => true,
));
}
RE: Session Problem - arisroyo - 04-29-2017
Wow that's a security flow in your hosting.
But for your security
Change $config['sess_cookie_name'] = "myown_application_session_name";
And also change your implementation
$this->session->set_userdata("my_session_keyidentifier",array());
RE: Session Problem - Attiq - 04-30-2017
(04-29-2017, 09:45 AM)PaulD Wrote: Can you show where $result comes from?
If you are accidentally getting all your user data, the foreach loop will loop through them all and return the last user found, not the current user.
You should, limit the query to one result and test if the result was found or not.
Dear My result comes through query from database. i write the following query
$this->db->where('username', $username);
$this->db->where('password', $passwrod);
$result = $this->db->get('tableName');
i also getting the values in $newdata array ...... But the thing is my sessions are not set and also not unset....
RE: Session Problem - Attiq - 04-30-2017
(04-29-2017, 10:57 AM)webdev25 Wrote: There may be a better way to do this depending on where and how you're getting $result, see if something like this helps:
PHP Code:if( $result->num_rows() ) {
$user = $result->row();
$this->session->set_userdata(array(
'user_id' => $user->user_id,
'user_name' => $user->user_name,
'role' => $user->role,
'cate_permission' => $user->cate_permission,
'password' => $user->password,
'email' => $user->email,
'pages_permissions' => $user->pages_permissions,
'show_company_detail' => $user->show_company_detail,
'account_status' => $user->account_status,
'logged_in' => true,
));
}
i am getting the result through following query
Code:
$this->db->where('username', $username);
$this->db->where('password', $password);
$result = $this->db->get('tableName');RE: Session Problem - Attiq - 04-30-2017
(04-29-2017, 05:14 PM)arisroyo Wrote: Wow that's a security flow in your hosting.
But for your security
Change $config['sess_cookie_name'] = "myown_application_session_name";
And also change your implementation
$this->session->set_userdata("my_session_keyidentifier",array());
recently my sess_cookie_name are stored in the database so in my case what is my_session_keyidentifier exactly ??
an if there is security problem in my hosting so which hosting you suggest me for code igniter application ??
RE: Session Problem - Attiq - 04-30-2017
why i avoid foreach loop for $this->session->set_userdata() ??? is this not good practice or any other logical problem ??
RE: Session Problem - Attiq - 04-30-2017
(04-29-2017, 10:57 AM)webdev25 Wrote: There may be a better way to do this depending on where and how you're getting $result, see if something like this helps:
PHP Code:if( $result->num_rows() ) {
$user = $result->row();
$this->session->set_userdata(array(
'user_id' => $user->user_id,
'user_name' => $user->user_name,
'role' => $user->role,
'cate_permission' => $user->cate_permission,
'password' => $user->password,
'email' => $user->email,
'pages_permissions' => $user->pages_permissions,
'show_company_detail' => $user->show_company_detail,
'account_status' => $user->account_status,
'logged_in' => true,
));
}
why i avoid foreach loop for $this->session->set_userdata() ??? is this not good practice or any other logical problem ??
RE: Session Problem - InsiteFX - 04-30-2017
Are you hashing the password before checking it with the hashed password in the database?