Login

lelolenda · 12-20-2024, 08:34 AM

PHP: 8.3.14 — CodeIgniter: 4.5.1

PHP Code:
<?php

namespace Config;

use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Session\Handlers\BaseHandler;
use CodeIgniter\Session\Handlers\FileHandler;

class Session extends BaseConfig
{
    /**
    * --------------------------------------------------------------------------
    * Session Driver
    * --------------------------------------------------------------------------
    *
    * The session storage driver to use:
    * - `CodeIgniter\Session\Handlers\FileHandler`
    * - `CodeIgniter\Session\Handlers\DatabaseHandler`
    * - `CodeIgniter\Session\Handlers\MemcachedHandler`
    * - `CodeIgniter\Session\Handlers\RedisHandler`
    *
    * @var class-string<BaseHandler>
    */
    public string $driver = FileHandler::class;

    /**
    * --------------------------------------------------------------------------
    * Session Cookie Name
    * --------------------------------------------------------------------------
    *
    * The session cookie name, must contain only [0-9a-z_-] characters
    */
    public string $cookieName = 'ci_session';

    /**
    * --------------------------------------------------------------------------
    * Session Expiration
    * --------------------------------------------------------------------------
    *
    * The number of SECONDS you want the session to last.
    * Setting to 0 (zero) means expire when the browser is closed.
    */
    public int $expiration = 43200;

    /**
    * --------------------------------------------------------------------------
    * Session Save Path
    * --------------------------------------------------------------------------
    *
    * The location to save sessions to and is driver dependent.
    *
    * For the 'files' driver, it's a path to a writable directory.
    * WARNING: Only absolute paths are supported!
    *
    * For the 'database' driver, it's a table name.
    * Please read up the manual for the format with other session drivers.
    *
    * IMPORTANT: You are REQUIRED to set a valid save path!
    */
    public string $savePath = WRITEPATH . 'session';

    /**
    * --------------------------------------------------------------------------
    * Session Match IP
    * --------------------------------------------------------------------------
    *
    * Whether to match the user's IP address when reading the session data.
    *
    * WARNING: If you're using the database driver, don't forget to update
    *          your session table's PRIMARY KEY when changing this setting.
    */
    public bool $matchIP = false;

    /**
    * --------------------------------------------------------------------------
    * Session Time to Update
    * --------------------------------------------------------------------------
    *
    * How many seconds between CI regenerating the session ID.
    */
    public int $timeToUpdate = 300;

    /**
    * --------------------------------------------------------------------------
    * Session Regenerate Destroy
    * --------------------------------------------------------------------------
    *
    * Whether to destroy session data associated with the old session ID
    * when auto-regenerating the session ID. When set to FALSE, the data
    * will be later deleted by the garbage collector.
    */
    public bool $regenerateDestroy = false;

    /**
    * --------------------------------------------------------------------------
    * Session Database Group
    * --------------------------------------------------------------------------
    *
    * DB Group for the database session.
    */
    public ?string $DBGroup = null;
} 

Cookies Set.

PHP Code:
<?php

namespace Config;

use CodeIgniter\Config\BaseConfig;
use DateTimeInterface;

class Cookie extends BaseConfig
{
    /**
    * --------------------------------------------------------------------------
    * Cookie Prefix
    * --------------------------------------------------------------------------
    *
    * Set a cookie name prefix if you need to avoid collisions.
    */
    public string $prefix = '';

    /**
    * --------------------------------------------------------------------------
    * Cookie Expires Timestamp
    * --------------------------------------------------------------------------
    *
    * Default expires timestamp for cookies. Setting this to `0` will mean the
    * cookie will not have the `Expires` attribute and will behave as a session
    * cookie.
    *
    * @var DateTimeInterface|int|string
    */
    public $expires = 0;

    /**
    * --------------------------------------------------------------------------
    * Cookie Path
    * --------------------------------------------------------------------------
    *
    * Typically will be a forward slash.
    */
    public string $path = '/';

    /**
    * --------------------------------------------------------------------------
    * Cookie Domain
    * --------------------------------------------------------------------------
    *
    * Set to `.your-domain.com` for site-wide cookies.
    */
    public string $domain = '';

    /**
    * --------------------------------------------------------------------------
    * Cookie Secure
    * --------------------------------------------------------------------------
    *
    * Cookie will only be set if a secure HTTPS connection exists.
    */
    public bool $secure = false;

    /**
    * --------------------------------------------------------------------------
    * Cookie HTTPOnly
    * --------------------------------------------------------------------------
    *
    * Cookie will only be accessible via HTTP(S) (no JavaScript).
    */
    public bool $httponly = true;

    /**
    * --------------------------------------------------------------------------
    * Cookie SameSite
    * --------------------------------------------------------------------------
    *
    * Configure cookie SameSite setting. Allowed values are:
    * - None
    * - Lax
    * - Strict
    * - ''
    *
    * Alternatively, you can use the constant names:
    * - `Cookie::SAMESITE_NONE`
    * - `Cookie::SAMESITE_LAX`
    * - `Cookie::SAMESITE_STRICT`
    *
    * Defaults to `Lax` for compatibility with modern browsers. Setting `''`
    * (empty string) means default SameSite attribute set by browsers (`Lax`)
    * will be set on cookies. If set to `None`, `$secure` must also be set.
    *
    * @phpstan-var 'None'|'Lax'|'Strict'|''
    */
    public string $samesite = 'Lax';

    /**
    * --------------------------------------------------------------------------
    * Cookie Raw
    * --------------------------------------------------------------------------
    *
    * This flag allows setting a "raw" cookie, i.e., its name and value are
    * not URL encoded using `rawurlencode()`.
    *
    * If this is set to `true`, cookie names should be compliant of RFC 2616's
    * list of allowed characters.
    *
    * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#attributes
    * @see https://tools.ietf.org/html/rfc2616#section-2.2
    */
    public bool $raw = false;
} 

my login authentication does not work because after storing the data in the session and redirecting to another page I simply lose the logged in user data

works on another server and local server.

tried patch System/Session/Session.php

and add session_start() at public_html/index.php

Flashdata dont work either.

captain-sensible · 12-20-2024, 11:04 AM

the only session stuff i care or bother with is when admin gui is accessed and admin logs in, or somebody attempts to log in . I have a few methods in a class and several views. I just put this line at the top of every method in the class

Code:
$session = \Config\Services::session();

eg

Code:
public function displaySession()

  {

   $session = \Config\Services::session();

   if( isset($_SESSION['role']))

   {

   echo " S_session[role] is :".$_SESSION['role'];

   }

   else

   {

   echo "session role not set";

   }

  }

session info doesn't seem to get lost, even when a view displays form , data is collected from submission etc , picked up by another method its still there .The only thing that clears data is a URL logout ,which is picked up via routes .code is :

Code:
  public function logout()

              {

$session = \Config\Services::session();

                unset($_SESSION['role']);

                unset($_SESSION['count']);

      $data= [ 

       'title'=> 'logout',

       'info'=> 'you may have already been logged out, but if you were not you are now !' ,

       'date'=>$this->myDate

       ];

        echo view('info', $data);

CMS CI4 A CMS system, runs out of the box written on top of CI4

Arch Book CodeIgniter4 on Apache(pages 92-114)

CI4-CMS Github

lelolenda · 12-20-2024, 01:40 PM

(12-20-2024, 11:04 AM)captain-sensible Wrote: the only session stuff i care or bother with is when admin gui is accessed and admin logs in, or somebody attempts to log in . I have a few methods in a class and several views. I just put this line at the top of every method in the class

Code:
$session = \Config\Services::session();

eg

Code:
public function displaySession() { $session = \Config\Services::session(); if( isset($_SESSION['role'])) { echo " S_session[role] is :".$_SESSION['role']; } else { echo "session role not set"; } }
session info doesn't seem to get lost, even when a view displays form , data is collected from submission etc , picked up by another method its still there .The only thing that clears data is a URL logout ,which is picked up via routes .code is :

Code:
public function logout() { $session = \Config\Services::session(); unset($_SESSION['role']); unset($_SESSION['count']); $data= [ 'title'=> 'logout', 'info'=> 'you may have already been logged out, but if you were not you are now !' , 'date'=>$this->myDate ]; echo view('info', $data);

thank you