+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: CodeIgniter 4 (https://forum.codeigniter.com/forumdisplay.php?fid=28)
+--- Forum: CodeIgniter 4 Support (https://forum.codeigniter.com/forumdisplay.php?fid=30)
+--- Thread: $session->destroy() throws exception (/showthread.php?tid=90619)
$session->destroy() throws exception - joho - 04-11-2024
Why does this throw an exception?
PHP Code:
$session = \Config\Services::session();
$session_username = $session->get( 'session_username' );
$session_login_time = $session->get( 'session_login_time' );
$session_login_ip = $session->get( 'session_login_ip' );
if ( ! empty( $session_username) && ! empty( $session_login_time ) && ! empty( $session_login_ip ) ) {
error_log( basename( __FILE__ ) . ' (' . __FUNCTION__ . '): Session already active, re-directing to /' );
return( $this->response->redirect( base_url() ) );
}
$ip_address = $this->request->getIPAddress();
if ( empty( $ip_address ) ) {
error_log( basename( __FILE__ ) . ' (' . __FUNCTION__ . '): Missing or invalid IP address "' . $ip_address . '", re-directing' );
$session->destroy();
return( $this->response->redirect( base_url() ) );
}
// .. code continues
It throws an exception ("session_destroy(): Trying to destroy uninitialized session") when it gets to $session->destroy().
But if it's an uninitialized session, why doesn't it throw the exception sooner?
I honestly don't think the destroy() call should throw an exception. I have several blocks of code that do cleanup and then re-direct, so I add a destroy() call inside each of those blocks. I can't see anywhere in the PHP reference that session_destroy() in itself would ever throw an exception.
RE: $session->destroy() throws exception - Bosborne - 04-11-2024
You are assigning variables to session variables that may not exist. If that session variable does not exist you will get an exception. If you are running Codeigniter in development mode, the displayed webpage would likely highlight the problem line of code.
RE: $session->destroy() throws exception - joho - 04-11-2024
(04-11-2024, 03:36 AM)Bosborne Wrote: You are assigning variables to session variables that may not exist. If that session variable does not exist you will get an exception. If you are running Codeigniter in development mode, the displayed webpage would likely highlight the problem line of code.
Not sure I understand what you mean.
$session->get() will not throw an exception if the requested key name does not exist, it will simply return "nothing".
The exception points to $session->destroy(), as I outlined above.
RE: $session->destroy() throws exception - kenjis - 04-11-2024
Cannot reproduce.
I see "$session_username null".
PHP Code:
<?php
namespace App\Controllers;
class Home extends BaseController
{
public function index(): string
{
$session = \Config\Services::session();
$session_username = $session->get('session_username');
$session_login_time = $session->get('session_login_time');
$session_login_ip = $session->get('session_login_ip');
$session->destroy();
dd($session_username);
}
}
RE: $session->destroy() throws exception - joho - 04-11-2024
Interesting. And what happens if you add one more call to $session->destroy()?
RE: $session->destroy() throws exception - kenjis - 04-11-2024
Oh, I got your problem!
It is your miscoding.
You cannot destroy uninitialized session.
PHP causes an error (Warning), and CI4 make all errors into Exceptions.
If you want to destroy Session, you must start the session.
PHP Code:
$session = \Config\Services::session();
$session->destroy();
$session->start();
$session->destroy();