Session Class - Wiered Behavior |
[eluser]Twisted1919[/eluser]
Hi , i am getting some wiered behavior from the session library . I am storing the session data into database and , my config looks like this : Code: $config['sess_cookie_name'] = 'session'; Right now in my sessions tables i have : Code: SELECT * My problem is that , it logs me out after 10 minutes of inactivity , sometime less than 10 minutes even if the time is set higher than 10 minutes ... Why that ?
[eluser]Maglok[/eluser]
Mabye a little more information, like how do you set the session/login?
[eluser]Twisted1919[/eluser]
Thats's simple . is the classic case : Code: if($this->database->login($username,$password) == TRUE) Is this the data you are asking for ?
[eluser]Maglok[/eluser]
Do you store a lot more in those cookies? I notice you have marked encrypt_cookies. I am pretty sure encrypting takes a lot more space then normal values, and that the max is 4KB. You might somehow be going over that. As for the time. It always logs you out at the same time? It is reproducable?
[eluser]Twisted1919[/eluser]
Ok i know that the cookie can hold just 4 kb of data but is the same thing even if i store the session into database ? because i think i store more than 4 kb into my cookies and i tought that using database i can bypass this limitation ... I was wrong , wasn't i ?
[eluser]Maglok[/eluser]
People do sleep. Quote:While the session data array stored in the user's cookie contains a Session ID, unless you store session data in a database there is no way to validate it. For some applications that require little or no security, session ID validation may not be needed, but if your application requires security, validation is mandatory. Well, I am unsure. What you could do is just check the cookie when it is set using webdeveloper toolbar or in IE8 the IE8-F12 thingy.
[eluser]Twisted1919[/eluser]
I've just tested that and anyway the session data is far away of those 4 kb of data . I've set the sesstion class NOT to encrypt the cookie , hope no errors after that . Ah , and a cookie stored by ci looks like : Code: a:4:{s:10:"session_id";s:32:"51630dff10c0244a6d99fa4c1337ff1f";s:10:"ip_address";s:10:"86.34.8.xx";s:10:"user_agent";s:50:"Mozilla/5.0+(Windows;+U;+Windows+NT+6.0;+en-US;+rv";s:13:"last_activity";s:10:"1247817163";}5b5fe31174d6cafdd62d07b273b6aeec There is no presence of additional data that i set with $this->session->set_userdata() so i believe it needs only the session id and it searches into db for corresponding data . If this is true , than it doesn't matter how big is the data that i set with $this->session->set_userdata() because it stays into database and then the pre-logout thing is due some other fact ... Anyway i might be wrong ...
[eluser]topherdan1[/eluser]
I am having a similar problem in my application. The bug is really hard to reliably reproduce, but at unpredictable intervals that application will just log a user out. Any insight into this would be awesome.
[eluser]Kepler[/eluser]
Is it possible you are crossing domains without realizing it? For example http://127.0.0.1/ brings you to the same place as http://localhost/ but they have different cookies. Just a thought. And no, I don't sleep. ;-) |
Welcome Guest, Not a member yet? Register Sign In |