Login

codeus · 06-04-2024, 09:30 AM

After reading the userguide (excerpt below), I believe this is a bug-:

Quote: Wrote:This was due to the specifics of how sessions worked, but is now no longer necessary with our new implementation. However, it may happen that your application relied on these values, so here are alternative methods of accessing them:

session_id: $session->session_id or session_id() (PHP’s built-in function)

Before v4.3.0, the session configuration was held in Config/App.php. Now Config/Session.php holds the session configuration. There is nothing in Config/Session.php to indicate how to turn off CI session handling. Looking at the CI code appears to confirm this.

How to reproduce:
# Setup new CI v4.5.1 with composer
# In BaseController, add session_start()

PHP Code:

Code:
    public function initController(RequestInterface $request, ResponseInterface $response, LoggerInterface $logger)

    {

        // Do Not Edit This Line

        parent::initController($request, $response, $logger);

        session_start();

    }

# Then browse to site's home page. Exception is thrown in FileHandler-:

SYSTEMPATH/Session/Handlers/FileHandler.php at line 74
Code:

Code:
68   public function __construct(SessionConfig $config, string $ipAddress)

    {

        parent::__construct($config, $ipAddress);



        if (! empty($this->savePath)) {

            $this->savePath = rtrim($this->savePath, '/\\');

            ini_set('session.save_path', $this->savePath);

        } else {

            $sessionPath = rtrim(ini_get('session.save_path'), '/\\');



            if ($sessionPath === '') {

                $sessionPath = WRITEPATH . 'session';

            }

***kenjis*** · 06-04-2024, 05:41 PM

Why don't you use CI4 Session with CodeIgniter4?

ci-phpunit-test | CodeIgniter Testing Guide | CodeIgniter 3 to 4 Upgrade Helper

codeus · 06-04-2024, 11:37 PM

(06-04-2024, 05:41 PM)kenjis Wrote: Why don't you use CI4 Session with CodeIgniter4?

Yes, that is of course is a solution.

There is existing session code that works, in production. To change it means time to evaluate if the new code will work as the existing code does, time to alter the code, time to do all the testing required. If there was a switch which just turned off CI:/Session (as was possible in v4.2) that would be preferable. I'm always short of time.

I raised this because the manual seems to suggest that use of CI/Session is optional.

***kenjis*** · 06-05-2024, 12:44 AM

There is no setting to disable CI4 Session from the beginning.
And now some CI4 features depend on CI4 Session.
If you don't use CI4 Session, these features do not work or cause an error like yours.

The following code in the framework starts CI4 Session.
service('session')
session()

I don't know your app works fine with CI4.3 or 4.5, but if you customize the following,
the error would be gone.
https://github.com/codeigniter4/CodeIgni....php#L1062

> I raised this because the manual seems to suggest that use of CI/Session is optional.

I'm not sure it is optional or not.
If we add an option to disable CI4 Session, some features that depend on CI4 Session will not work.

ci-phpunit-test | CodeIgniter Testing Guide | CodeIgniter 3 to 4 Upgrade Helper

**ozornick** · 06-05-2024, 01:07 AM

Flash messages, the built-in Referer, temporary _POST data, and validation errors during redirects will stop working...
You can try to change the CI4 class and divide the sessions by names in some way. For example, $_SESSION['old']['key'] and $_SESSION['ci']['key']

It all looks stupid. You can't time out the old code, but you have time to invent a crutch.

Simple CI 4 project for beginners codeigniter-expenses ( topic )

codeus · 06-05-2024, 02:43 PM

Thanks for the information, both of you. Use of Session is not optional.
I misinterpreted the wording here (will typically run ...) as typically Sessions are active, unless Session is not initialized. Wishful thinking.

Quote:Using the Session Class
Initializing a Session
Sessions will typically run globally with each page load, so the Session class should be magically initialized.

To access and initialize the session:

PHP Code:
<?php $session = \Config\Services::session($config);

Javayim · 02-20-2025, 08:41 AM

I had to comment out this block to make PHP sessions work correctly, as it worked well in previous CI versions :
/*

Code:
if (isset($_SESSION)) {

    session()->set('_ci_previous_url', URI::createURIString(

        $uri->getScheme(),

        $uri->getAuthority(),

        $uri->getPath(),

        $uri->getQuery(),

        $uri->getFragment()

    ));

}

*/

Using CI sessions shouldn't be mandatory. There should be a simple option to disable CI sessions and use native PHP sessions instead.