-
xaiborweb
Junior Member
-
Posts: 11
Threads: 3
Joined: Nov 2016
Reputation:
0
12-10-2018, 02:14 PM
Hello community, I am a novice in this framework. forgive my english I speak spanish and is a google translator. But a project with codeigniter 3.19 and Ion Auth 3 is created as a method of authentication and user registration.
On my local server xampp windows, a session works perfectly for each user. But in my web linux, ubuntu 16.04, vestacp, with cloudflare, I generate 10 sessions every 1 sg we are constantly having a million session records and taking into account that I have very little traffic it is supposed to be an error that creates duplicate session for each user.
session capture in all fields ip_address gives me the ip of my server.
![[Image: 129832d1544475311-error-codeigniter-gene...ession.jpg]](https://forobeta.com/attachments/php/129832d1544475311-error-codeigniter-genera-multiples-sessions-mismo-user-session.jpg)
Quote:web where I have the problem with the sessions
tvglu.net
es.tvglu.net
attached configurations, very grateful any help.
Quote:/application/config/config.php
$config['sess_driver'] = 'database';
$config['sess_cookie_name'] = 'cisession';
$config['sess_expiration'] = 7200;
$config['sess_save_path'] = 'ci_session';
$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 300;
$config['sess_regenerate_destroy'] = FALSE;
$config['cookie_prefix'] = 'cisession';
$config['cookie_domain'] = '';
$config['cookie_path'] = '/';
$config['cookie_secure'] = FALSE;
$config['cookie_httponly'] = FALSE;
$config['proxy_ips'] = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : '';
Quote:/application/config/autoload.php
$autoload['libraries'] = array('ion_auth');
Quote:tabla base de datos
CREATE TABLE `ci_session` (
`id` varchar(128) NOT NULL,
`ip_address` varchar(45) NOT NULL,
`timestamp` int(10) unsigned NOT NULL DEFAULT '0',
`data` blob NOT NULL,
PRIMARY KEY (`id`),
KEY `ci_sessions_timestamp` (`timestamp`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1
PHP Code: /application/libraries/Ion_auth.php
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Ion_auth
{
/**
* account status ('not_activated', etc ...)
*
* @var string
**/
protected $status;
/**
* extra where
*
* @var array
**/
public $_extra_where = array();
/**
* extra set
*
* @var array
**/
public $_extra_set = array();
/**
* caching of users and their groups
*
* @var array
**/
public $_cache_user_in_group;
/**
* __construct
*
* @return void
* @author Ben
**/
public function __construct()
{
$this->load->config('ion_auth', TRUE);
$this->load->library(array('email'));
$this->lang->load('ion_auth');
$this->load->helper(array('cookie', 'language','url'));
$this->load->library('session');
$this->load->model('ion_auth_model');
$this->_cache_user_in_group =& $this->ion_auth_model->_cache_user_in_group;
//auto-login the user if they are remembered
if (!$this->logged_in() && get_cookie($this->config->item('identity_cookie_name', 'ion_auth')) && get_cookie($this->config->item('remember_cookie_name', 'ion_auth')))
{
$this->ion_auth_model->login_remembered_user();
}
$email_config = $this->config->item('email_config', 'ion_auth');
if ($this->config->item('use_ci_email', 'ion_auth') && isset($email_config) && is_array($email_config))
{
$this->email->initialize($email_config);
}
$this->ion_auth_model->trigger_events('library_constructor');
}
/**
* __call
*
* Acts as a simple way to call model methods without loads of stupid alias'
*
**/
public function __call($method, $arguments)
{
if (!method_exists( $this->ion_auth_model, $method) )
{
throw new Exception('Undefined method Ion_auth::' . $method . '() called');
}
if($method == 'create_user')
{
return call_user_func_array(array($this, 'register'), $arguments);
}
if($method=='update_user')
{
return call_user_func_array(array($this, 'update'), $arguments);
}
return call_user_func_array( array($this->ion_auth_model, $method), $arguments);
}
/**
* __get
*
* Enables the use of CI super-global without having to define an extra variable.
*
* I can't remember where I first saw this, so thank you if you are the original author. -Militis
*
* [MENTION=178865]Access[/MENTION] public
* @param $var
* @return mixed
*/
public function __get($var)
{
return get_instance()->$var;
}
/**
* forgotten password feature
*
* @return mixed boolian / array
* @author Mathew
**/
public function forgotten_password($identity) //changed $email to $identity
{
if ( $this->ion_auth_model->forgotten_password($identity) ) //changed
{
// Get user information
$user = $this->where($this->config->item('identity', 'ion_auth'), $identity)->where('active', 1)->users()->row(); //changed to get_user_by_identity from email
if ($user)
{
$data = array(
'identity' => $user->{$this->config->item('identity', 'ion_auth')},
'forgotten_password_code' => $user->forgotten_password_code
);
if(!$this->config->item('use_ci_email', 'ion_auth'))
{
$this->set_message('forgot_password_successful');
return $data;
}
else
{
$message = $this->load->view($this->config->item('email_templates', 'ion_auth').$this->config->item('email_forgot_password', 'ion_auth'), $data, true);
$this->email->clear();
$this->email->from($this->config->item('admin_email', 'ion_auth'), $this->config->item('site_title', 'ion_auth'));
$this->email->to($user->email);
$this->email->subject($this->config->item('site_title', 'ion_auth') . ' - ' . $this->lang->line('email_forgotten_password_subject'));
$this->email->message($message);
if ($this->email->send())
{
$this->set_message('forgot_password_successful');
return TRUE;
}
else
{
$this->set_error('forgot_password_unsuccessful');
return FALSE;
}
}
}
else
{
$this->set_error('forgot_password_unsuccessful');
return FALSE;
}
}
else
{
$this->set_error('forgot_password_unsuccessful');
return FALSE;
}
}
/**
* forgotten_password_complete
*
* @return void
* @author Mathew
**/
public function forgotten_password_complete($code)
{
$this->ion_auth_model->trigger_events('pre_password_change');
$identity = $this->config->item('identity', 'ion_auth');
$profile = $this->where('forgotten_password_code', $code)->users()->row(); //pass the code to profile
if (!$profile)
{
$this->ion_auth_model->trigger_events(array('post_password_change', 'password_change_unsuccessful'));
$this->set_error('password_change_unsuccessful');
return FALSE;
}
$new_password = $this->ion_auth_model->forgotten_password_complete($code, $profile->salt);
if ($new_password)
{
$data = array(
'identity' => $profile->{$identity},
'new_password' => $new_password
);
if(!$this->config->item('use_ci_email', 'ion_auth'))
{
$this->set_message('password_change_successful');
$this->ion_auth_model->trigger_events(array('post_password_change', 'password_change_successful'));
return $data;
}
else
{
$message = $this->load->view($this->config->item('email_templates', 'ion_auth').$this->config->item('email_forgot_password_complete', 'ion_auth'), $data, true);
$this->email->clear();
$this->email->from($this->config->item('admin_email', 'ion_auth'), $this->config->item('site_title', 'ion_auth'));
$this->email->to($profile->email);
$this->email->subject($this->config->item('site_title', 'ion_auth') . ' - ' . $this->lang->line('email_new_password_subject'));
$this->email->message($message);
if ($this->email->send())
{
$this->set_message('password_change_successful');
$this->ion_auth_model->trigger_events(array('post_password_change', 'password_change_successful'));
return TRUE;
}
else
{
$this->set_error('password_change_unsuccessful');
$this->ion_auth_model->trigger_events(array('post_password_change', 'password_change_unsuccessful'));
return FALSE;
}
}
}
$this->ion_auth_model->trigger_events(array('post_password_change', 'password_change_unsuccessful'));
return FALSE;
}
/**
* forgotten_password_check
*
* @return void
* @author Michael
**/
public function forgotten_password_check($code)
{
$profile = $this->where('forgotten_password_code', $code)->users()->row(); //pass the code to profile
if (!is_object($profile))
{
$this->set_error('password_change_unsuccessful');
return FALSE;
}
else
{
if ($this->config->item('forgot_password_expiration', 'ion_auth') > 0) {
//Make sure it isn't expired
$expiration = $this->config->item('forgot_password_expiration', 'ion_auth');
if (time() - $profile->forgotten_password_time > $expiration) {
//it has expired
$this->clear_forgotten_password_code($code);
$this->set_error('password_change_unsuccessful');
return FALSE;
}
}
return $profile;
}
}
/**
* register
*
* @return void
* @author Mathew
**/
public function register($username, $password, $email, $additional_data = array(), $group_ids = array()) //need to test email activation
{
$this->ion_auth_model->trigger_events('pre_account_creation');
$email_activation = $this->config->item('email_activation', 'ion_auth');
if (!$email_activation)
{
$id = $this->ion_auth_model->register($username, $password, $email, $additional_data, $group_ids);
if ($id !== FALSE)
{
$this->set_message('account_creation_successful');
$this->ion_auth_model->trigger_events(array('post_account_creation', 'post_account_creation_successful'));
return $id;
}
else
{
$this->set_error('account_creation_unsuccessful');
$this->ion_auth_model->trigger_events(array('post_account_creation', 'post_account_creation_unsuccessful'));
return FALSE;
}
}
else
{
$id = $this->ion_auth_model->register($username, $password, $email, $additional_data, $group_ids);
if (!$id)
{
$this->set_error('account_creation_unsuccessful');
return FALSE;
}
$deactivate = $this->ion_auth_model->deactivate($id);
if (!$deactivate)
{
$this->set_error('deactivate_unsuccessful');
$this->ion_auth_model->trigger_events(array('post_account_creation', 'post_account_creation_unsuccessful'));
return FALSE;
}
$activation_code = $this->ion_auth_model->activation_code;
$identity = $this->config->item('identity', 'ion_auth');
$user = $this->ion_auth_model->user($id)->row();
$data = array(
'identity' => $user->{$identity},
'id' => $user->id,
'email' => $email,
'activation' => $activation_code,
);
if(!$this->config->item('use_ci_email', 'ion_auth'))
{
$this->ion_auth_model->trigger_events(array('post_account_creation', 'post_account_creation_successful', 'activation_email_successful'));
$this->set_message('activation_email_successful');
return $data;
}
else
{
$message = $this->load->view($this->config->item('email_templates', 'ion_auth').$this->config->item('email_activate', 'ion_auth'), $data, true);
$this->email->clear();
$this->email->from($this->config->item('admin_email', 'ion_auth'), $this->config->item('site_title', 'ion_auth'));
$this->email->to($email);
$this->email->subject($this->config->item('site_title', 'ion_auth') . ' - ' . $this->lang->line('email_activation_subject'));
$this->email->message($message);
if ($this->email->send() == TRUE)
{
$this->ion_auth_model->trigger_events(array('post_account_creation', 'post_account_creation_successful', 'activation_email_successful'));
$this->set_message('activation_email_successful');
return $id;
}
}
$this->ion_auth_model->trigger_events(array('post_account_creation', 'post_account_creation_unsuccessful', 'activation_email_unsuccessful'));
$this->set_error('activation_email_unsuccessful');
return FALSE;
}
}
/**
* logout
*
* @return void
* @author Mathew
**/
public function logout()
{
$this->ion_auth_model->trigger_events('logout');
$identity = $this->config->item('identity', 'ion_auth');
$this->session->unset_userdata( array($identity => '', 'id' => '', 'user_id' => '') );
//delete the remember me cookies if they exist
if (get_cookie($this->config->item('identity_cookie_name', 'ion_auth')))
{
delete_cookie($this->config->item('identity_cookie_name', 'ion_auth'));
}
if (get_cookie($this->config->item('remember_cookie_name', 'ion_auth')))
{
delete_cookie($this->config->item('remember_cookie_name', 'ion_auth'));
}
//Destroy the session
$this->session->sess_destroy();
//Recreate the session
if (substr(CI_VERSION, 0, 1) == '2')
{
$this->session->sess_create();
}
else
{
$this->session->sess_regenerate(TRUE);
}
$this->set_message('logout_successful');
return TRUE;
}
/**
* logged_in
*
* @return bool
* @author Mathew
**/
public function logged_in()
{
$this->ion_auth_model->trigger_events('logged_in');
return (bool) $this->session->userdata('identity');
}
/**
* logged_in
*
* @return integer
* @author jrmadsen67
**/
public function get_user_id()
{
$user_id = $this->session->userdata('user_id');
if (!empty($user_id))
{
return $user_id;
}
return null;
}
/**
* is_admin
*
* @return bool
* @author Ben Edmunds
**/
public function is_admin($id=false)
{
$this->ion_auth_model->trigger_events('is_admin');
$admin_group = $this->config->item('admin_group', 'ion_auth');
return $this->in_group($admin_group, $id);
}
/**
* in_group
*
* @param mixed group(s) to check
* @param bool user id
* @param bool check if all groups is present, or any of the groups
*
* @return bool
* @author Phil Sturgeon
**/
public function in_group($check_group, $id=false, $check_all = false)
{
$this->ion_auth_model->trigger_events('in_group');
$id || $id = $this->session->userdata('user_id');
if (!is_array($check_group))
{
$check_group = array($check_group);
}
if (isset($this->_cache_user_in_group[$id]))
{
$groups_array = $this->_cache_user_in_group[$id];
}
else
{
$users_groups = $this->ion_auth_model->get_users_groups($id)->result();
$groups_array = array();
foreach ($users_groups as $group)
{
$groups_array[$group->id] = $group->name;
}
$this->_cache_user_in_group[$id] = $groups_array;
}
foreach ($check_group as $key => $value)
{
$groups = (is_string($value)) ? $groups_array : array_keys($groups_array);
/**
* if !all (default), in_array
* if all, !in_array
*/
if (in_array($value, $groups) xor $check_all)
{
/**
* if !all (default), true
* if all, false
*/
return !$check_all;
}
}
/**
* if !all (default), false
* if all, true
*/
return $check_all;
}
}
-
xaiborweb
Junior Member
-
Posts: 11
Threads: 3
Joined: Nov 2016
Reputation:
0
-
InsiteFX
Super Moderator
-
Posts: 6,670
Threads: 338
Joined: Oct 2014
Reputation:
243
You need to turn on private messaging in your Forum Profile, otherwise no one
can send you a message.
Did you check your php.ini session settings?
Also in the php.ini make sure that this is not set to 0 (ZERO) session.gc_probability = 1
What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
-
xaiborweb
Junior Member
-
Posts: 11
Threads: 3
Joined: Nov 2016
Reputation:
0
(12-11-2018, 12:51 PM)InsiteFX Wrote: You need to turn on private messaging in your Forum Profile, otherwise no one
can send you a message.
Did you check your php.ini session settings?
Also in the php.ini make sure that this is not set to 0 (ZERO) session.gc_probability = 1 [quote pid='360221' dateline='1544557909']
thanks for answering 
/system/libraries/Session/Session.php
PHP Code: <?php
/**
* CodeIgniter
*
* An open source application development framework for PHP
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (https://bcit.ca/)
* @license https://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 2.0.0
* @filesource
*/
defined('BASEPATH') OR exit('No direct script access allowed');
/**
* CodeIgniter Session Class
*
* @package CodeIgniter
* @subpackage Libraries
* @category Sessions
* @author Andrey Andreev
* @link https://codeigniter.com/user_guide/libraries/sessions.html
*/
class CI_Session {
/**
* Userdata array
*
* Just a reference to $_SESSION, for BC purposes.
*/
public $userdata;
protected $_driver = 'files';
protected $_config;
protected $_sid_regexp;
// ------------------------------------------------------------------------
/**
* Class constructor
*
* @param array $params Configuration parameters
* @return void
*/
public function __construct(array $params = array())
{
// No sessions under CLI
if (is_cli())
{
log_message('debug', 'Session: Initialization under CLI aborted.');
return;
}
elseif ((bool) ini_get('session.auto_start'))
{
log_message('error', 'Session: session.auto_start is enabled in php.ini. Aborting.');
return;
}
elseif ( ! empty($params['driver']))
{
$this->_driver = $params['driver'];
unset($params['driver']);
}
elseif ($driver = config_item('sess_driver'))
{
$this->_driver = $driver;
}
// Note: BC workaround
elseif (config_item('sess_use_database'))
{
log_message('debug', 'Session: "sess_driver" is empty; using BC fallback to "sess_use_database".');
$this->_driver = 'database';
}
$class = $this->_ci_load_classes($this->_driver);
// Configuration ...
$this->_configure($params);
$this->_config['_sid_regexp'] = $this->_sid_regexp;
$class = new $class($this->_config);
if ($class instanceof SessionHandlerInterface)
{
session_set_save_handler($class, TRUE);
}
else
{
log_message('error', "Session: Driver '".$this->_driver."' doesn't implement SessionHandlerInterface. Aborting.");
return;
}
// Sanitize the cookie, because apparently PHP doesn't do that for userspace handlers
if (isset($_COOKIE[$this->_config['cookie_name']])
&& (
! is_string($_COOKIE[$this->_config['cookie_name']])
OR ! preg_match('#\A'.$this->_sid_regexp.'\z#', $_COOKIE[$this->_config['cookie_name']])
)
)
{
unset($_COOKIE[$this->_config['cookie_name']]);
}
session_start();
// Is session ID auto-regeneration configured? (ignoring ajax requests)
if ((empty($_SERVER['HTTP_X_REQUESTED_WITH']) OR strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest')
&& ($regenerate_time = config_item('sess_time_to_update')) > 0
)
{
if ( ! isset($_SESSION['__ci_last_regenerate']))
{
$_SESSION['__ci_last_regenerate'] = time();
}
elseif ($_SESSION['__ci_last_regenerate'] < (time() - $regenerate_time))
{
$this->sess_regenerate((bool) config_item('sess_regenerate_destroy'));
}
}
// Another work-around ... PHP doesn't seem to send the session cookie
// unless it is being currently created or regenerated
elseif (isset($_COOKIE[$this->_config['cookie_name']]) && $_COOKIE[$this->_config['cookie_name']] === session_id())
{
setcookie(
$this->_config['cookie_name'],
session_id(),
(empty($this->_config['cookie_lifetime']) ? 0 : time() + $this->_config['cookie_lifetime']),
$this->_config['cookie_path'],
$this->_config['cookie_domain'],
$this->_config['cookie_secure'],
TRUE
);
}
$this->_ci_init_vars();
log_message('info', "Session: Class initialized using '".$this->_driver."' driver.");
}
// ------------------------------------------------------------------------
/**
* CI Load Classes
*
* An internal method to load all possible dependency and extension
* classes. It kind of emulates the CI_Driver library, but is
* self-sufficient.
*
* @param string $driver Driver name
* @return string Driver class name
*/
protected function _ci_load_classes($driver)
{
$prefix = config_item('subclass_prefix');
if ( ! class_exists('CI_Session_driver', FALSE))
{
require_once(
file_exists(APPPATH.'libraries/Session/Session_driver.php')
? APPPATH.'libraries/Session/Session_driver.php'
: BASEPATH.'libraries/Session/Session_driver.php'
);
if (file_exists($file_path = APPPATH.'libraries/Session/'.$prefix.'Session_driver.php'))
{
require_once($file_path);
}
}
$class = 'Session_'.$driver.'_driver';
// Allow custom drivers without the CI_ or MY_ prefix
if ( ! class_exists($class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$class.'.php'))
{
require_once($file_path);
if (class_exists($class, FALSE))
{
return $class;
}
}
if ( ! class_exists('CI_'.$class, FALSE))
{
if (file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$class.'.php') OR file_exists($file_path = BASEPATH.'libraries/Session/drivers/'.$class.'.php'))
{
require_once($file_path);
}
if ( ! class_exists('CI_'.$class, FALSE) && ! class_exists($class, FALSE))
{
throw new UnexpectedValueException("Session: Configured driver '".$driver."' was not found. Aborting.");
}
}
if ( ! class_exists($prefix.$class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php'))
{
require_once($file_path);
if (class_exists($prefix.$class, FALSE))
{
return $prefix.$class;
}
log_message('debug', 'Session: '.$prefix.$class.".php found but it doesn't declare class ".$prefix.$class.'.');
}
return 'CI_'.$class;
}
// ------------------------------------------------------------------------
/**
* Configuration
*
* Handle input parameters and configuration defaults
*
* @param array &$params Input parameters
* @return void
*/
protected function _configure(&$params)
{
$expiration = config_item('sess_expiration');
if (isset($params['cookie_lifetime']))
{
$params['cookie_lifetime'] = (int) $params['cookie_lifetime'];
}
else
{
$params['cookie_lifetime'] = ( ! isset($expiration) && config_item('sess_expire_on_close'))
? 0 : (int) $expiration;
}
isset($params['cookie_name']) OR $params['cookie_name'] = config_item('sess_cookie_name');
if (empty($params['cookie_name']))
{
$params['cookie_name'] = ini_get('session.name');
}
else
{
ini_set('session.name', $params['cookie_name']);
}
isset($params['cookie_path']) OR $params['cookie_path'] = config_item('cookie_path');
isset($params['cookie_domain']) OR $params['cookie_domain'] = config_item('cookie_domain');
isset($params['cookie_secure']) OR $params['cookie_secure'] = (bool) config_item('cookie_secure');
session_set_cookie_params(
$params['cookie_lifetime'],
$params['cookie_path'],
$params['cookie_domain'],
$params['cookie_secure'],
TRUE // HttpOnly; Yes, this is intentional and not configurable for security reasons
);
if (empty($expiration))
{
$params['expiration'] = (int) ini_get('session.gc_maxlifetime');
}
else
{
$params['expiration'] = (int) $expiration;
ini_set('session.gc_maxlifetime', $expiration);
}
$params['match_ip'] = (bool) (isset($params['match_ip']) ? $params['match_ip'] : config_item('sess_match_ip'));
isset($params['save_path']) OR $params['save_path'] = config_item('sess_save_path');
$this->_config = $params;
// Security is king
ini_set('session.use_trans_sid', 0);
ini_set('session.use_strict_mode', 1);
ini_set('session.use_cookies', 1);
ini_set('session.use_only_cookies', 1);
$this->_configure_sid_length();
}
// ------------------------------------------------------------------------
/**
* Configure session ID length
*
* To make life easier, we used to force SHA-1 and 4 bits per
* character on everyone. And of course, someone was unhappy.
*
* Then PHP 7.1 broke backwards-compatibility because ext/session
* is such a mess that nobody wants to touch it with a pole stick,
* and the one guy who does, nobody has the energy to argue with.
*
* So we were forced to make changes, and OF COURSE something was
* going to break and now we have this pile of shit. -- Narf
*
* @return void
*/
protected function _configure_sid_length()
{
if (PHP_VERSION_ID < 70100)
{
$hash_function = ini_get('session.hash_function');
if (ctype_digit($hash_function))
{
if ($hash_function !== '1')
{
ini_set('session.hash_function', 1);
}
$bits = 160;
}
elseif ( ! in_array($hash_function, hash_algos(), TRUE))
{
ini_set('session.hash_function', 1);
$bits = 160;
}
elseif (($bits = strlen(hash($hash_function, 'dummy', false)) * 4) < 160)
{
ini_set('session.hash_function', 1);
$bits = 160;
}
$bits_per_character = (int) ini_get('session.hash_bits_per_character');
$sid_length = (int) ceil($bits / $bits_per_character);
}
else
{
$bits_per_character = (int) ini_get('session.sid_bits_per_character');
$sid_length = (int) ini_get('session.sid_length');
if (($bits = $sid_length * $bits_per_character) < 160)
{
// Add as many more characters as necessary to reach at least 160 bits
$sid_length += (int) ceil((160 % $bits) / $bits_per_character);
ini_set('session.sid_length', $sid_length);
}
}
// Yes, 4,5,6 are the only known possible values as of 2016-10-27
switch ($bits_per_character)
{
case 4:
$this->_sid_regexp = '[0-9a-f]';
break;
case 5:
$this->_sid_regexp = '[0-9a-v]';
break;
case 6:
$this->_sid_regexp = '[0-9a-zA-Z,-]';
break;
}
$this->_sid_regexp .= '{'.$sid_length.'}';
}
// ------------------------------------------------------------------------
/**
* Handle temporary variables
*
* Clears old "flash" data, marks the new one for deletion and handles
* "temp" data deletion.
*
* @return void
*/
protected function _ci_init_vars()
{
if ( ! empty($_SESSION['__ci_vars']))
{
$current_time = time();
foreach ($_SESSION['__ci_vars'] as $key => &$value)
{
if ($value === 'new')
{
$_SESSION['__ci_vars'][$key] = 'old';
}
// Hacky, but 'old' will (implicitly) always be less than time() ;)
// DO NOT move this above the 'new' check!
elseif ($value < $current_time)
{
unset($_SESSION[$key], $_SESSION['__ci_vars'][$key]);
}
}
if (empty($_SESSION['__ci_vars']))
{
unset($_SESSION['__ci_vars']);
}
}
$this->userdata =& $_SESSION;
}
// ------------------------------------------------------------------------
/**
* Mark as flash
*
* @param mixed $key Session data key(s)
* @return bool
*/
public function mark_as_flash($key)
{
if (is_array($key))
{
for ($i = 0, $c = count($key); $i < $c; $i++)
{
if ( ! isset($_SESSION[$key[$i]]))
{
return FALSE;
}
}
$new = array_fill_keys($key, 'new');
$_SESSION['__ci_vars'] = isset($_SESSION['__ci_vars'])
? array_merge($_SESSION['__ci_vars'], $new)
: $new;
return TRUE;
}
if ( ! isset($_SESSION[$key]))
{
return FALSE;
}
$_SESSION['__ci_vars'][$key] = 'new';
return TRUE;
}
// ------------------------------------------------------------------------
/**
* Get flash keys
*
* @return array
*/
public function get_flash_keys()
{
if ( ! isset($_SESSION['__ci_vars']))
{
return array();
}
$keys = array();
foreach (array_keys($_SESSION['__ci_vars']) as $key)
{
is_int($_SESSION['__ci_vars'][$key]) OR $keys[] = $key;
}
return $keys;
}
// ------------------------------------------------------------------------
/**
* Unmark flash
*
* @param mixed $key Session data key(s)
* @return void
*/
public function unmark_flash($key)
{
if (empty($_SESSION['__ci_vars']))
{
return;
}
is_array($key) OR $key = array($key);
foreach ($key as $k)
{
if (isset($_SESSION['__ci_vars'][$k]) && ! is_int($_SESSION['__ci_vars'][$k]))
{
unset($_SESSION['__ci_vars'][$k]);
}
}
if (empty($_SESSION['__ci_vars']))
{
unset($_SESSION['__ci_vars']);
}
}
// ------------------------------------------------------------------------
/**
* Mark as temp
*
* @param mixed $key Session data key(s)
* @param int $ttl Time-to-live in seconds
* @return bool
*/
public function mark_as_temp($key, $ttl = 300)
{
$ttl += time();
if (is_array($key))
{
$temp = array();
foreach ($key as $k => $v)
{
// Do we have a key => ttl pair, or just a key?
if (is_int($k))
{
$k = $v;
$v = $ttl;
}
else
{
$v += time();
}
if ( ! isset($_SESSION[$k]))
{
return FALSE;
}
$temp[$k] = $v;
}
$_SESSION['__ci_vars'] = isset($_SESSION['__ci_vars'])
? array_merge($_SESSION['__ci_vars'], $temp)
: $temp;
return TRUE;
}
if ( ! isset($_SESSION[$key]))
{
return FALSE;
}
$_SESSION['__ci_vars'][$key] = $ttl;
return TRUE;
}
// ------------------------------------------------------------------------
/**
* Get temp keys
*
* @return array
*/
public function get_temp_keys()
{
if ( ! isset($_SESSION['__ci_vars']))
{
return array();
}
$keys = array();
foreach (array_keys($_SESSION['__ci_vars']) as $key)
{
is_int($_SESSION['__ci_vars'][$key]) && $keys[] = $key;
}
return $keys;
}
// ------------------------------------------------------------------------
/**
* Unmark temp
*
* @param mixed $key Session data key(s)
* @return void
*/
public function unmark_temp($key)
{
if (empty($_SESSION['__ci_vars']))
{
return;
}
is_array($key) OR $key = array($key);
foreach ($key as $k)
{
if (isset($_SESSION['__ci_vars'][$k]) && is_int($_SESSION['__ci_vars'][$k]))
{
unset($_SESSION['__ci_vars'][$k]);
}
}
if (empty($_SESSION['__ci_vars']))
{
unset($_SESSION['__ci_vars']);
}
}
// ------------------------------------------------------------------------
/**
* __get()
*
* @param string $key 'session_id' or a session data key
* @return mixed
*/
public function __get($key)
{
// Note: Keep this order the same, just in case somebody wants to
// use 'session_id' as a session data key, for whatever reason
if (isset($_SESSION[$key]))
{
return $_SESSION[$key];
}
elseif ($key === 'session_id')
{
return session_id();
}
return NULL;
}
// ------------------------------------------------------------------------
/**
* __isset()
*
* @param string $key 'session_id' or a session data key
* @return bool
*/
public function __isset($key)
{
if ($key === 'session_id')
{
return (session_status() === PHP_SESSION_ACTIVE);
}
return isset($_SESSION[$key]);
}
// ------------------------------------------------------------------------
/**
* __set()
*
* @param string $key Session data key
* @param mixed $value Session data value
* @return void
*/
public function __set($key, $value)
{
$_SESSION[$key] = $value;
}
// ------------------------------------------------------------------------
/**
* Session destroy
*
* Legacy CI_Session compatibility method
*
* @return void
*/
public function sess_destroy()
{
session_destroy();
}
// ------------------------------------------------------------------------
/**
* Session regenerate
*
* Legacy CI_Session compatibility method
*
* @param bool $destroy Destroy old session data flag
* @return void
*/
public function sess_regenerate($destroy = FALSE)
{
$_SESSION['__ci_last_regenerate'] = time();
session_regenerate_id($destroy);
}
// ------------------------------------------------------------------------
/**
* Get userdata reference
*
* Legacy CI_Session compatibility method
*
* @returns array
*/
public function &get_userdata()
{
return $_SESSION;
}
// ------------------------------------------------------------------------
/**
* Userdata (fetch)
*
* Legacy CI_Session compatibility method
*
* @param string $key Session data key
* @return mixed Session data value or NULL if not found
*/
public function userdata($key = NULL)
{
if (isset($key))
{
return isset($_SESSION[$key]) ? $_SESSION[$key] : NULL;
}
elseif (empty($_SESSION))
{
return array();
}
$userdata = array();
$_exclude = array_merge(
array('__ci_vars'),
$this->get_flash_keys(),
$this->get_temp_keys()
);
foreach (array_keys($_SESSION) as $key)
{
if ( ! in_array($key, $_exclude, TRUE))
{
$userdata[$key] = $_SESSION[$key];
}
}
return $userdata;
}
// ------------------------------------------------------------------------
/**
* Set userdata
*
* Legacy CI_Session compatibility method
*
* @param mixed $data Session data key or an associative array
* @param mixed $value Value to store
* @return void
*/
public function set_userdata($data, $value = NULL)
{
if (is_array($data))
{
foreach ($data as $key => &$value)
{
$_SESSION[$key] = $value;
}
return;
}
$_SESSION[$data] = $value;
}
// ------------------------------------------------------------------------
/**
* Unset userdata
*
* Legacy CI_Session compatibility method
*
* @param mixed $key Session data key(s)
* @return void
*/
public function unset_userdata($key)
{
if (is_array($key))
{
foreach ($key as $k)
{
unset($_SESSION[$k]);
}
return;
}
unset($_SESSION[$key]);
}
// ------------------------------------------------------------------------
/**
* All userdata (fetch)
*
* Legacy CI_Session compatibility method
*
* @return array $_SESSION, excluding flash data items
*/
public function all_userdata()
{
return $this->userdata();
}
// ------------------------------------------------------------------------
/**
* Has userdata
*
* Legacy CI_Session compatibility method
*
* @param string $key Session data key
* @return bool
*/
public function has_userdata($key)
{
return isset($_SESSION[$key]);
}
// ------------------------------------------------------------------------
/**
* Flashdata (fetch)
*
* Legacy CI_Session compatibility method
*
* @param string $key Session data key
* @return mixed Session data value or NULL if not found
*/
public function flashdata($key = NULL)
{
if (isset($key))
{
return (isset($_SESSION['__ci_vars'], $_SESSION['__ci_vars'][$key], $_SESSION[$key]) && ! is_int($_SESSION['__ci_vars'][$key]))
? $_SESSION[$key]
: NULL;
}
$flashdata = array();
if ( ! empty($_SESSION['__ci_vars']))
{
foreach ($_SESSION['__ci_vars'] as $key => &$value)
{
is_int($value) OR $flashdata[$key] = $_SESSION[$key];
}
}
return $flashdata;
}
// ------------------------------------------------------------------------
/**
* Set flashdata
*
* Legacy CI_Session compatibility method
*
* @param mixed $data Session data key or an associative array
* @param mixed $value Value to store
* @return void
*/
public function set_flashdata($data, $value = NULL)
{
$this->set_userdata($data, $value);
$this->mark_as_flash(is_array($data) ? array_keys($data) : $data);
}
// ------------------------------------------------------------------------
/**
* Keep flashdata
*
* Legacy CI_Session compatibility method
*
* @param mixed $key Session data key(s)
* @return void
*/
public function keep_flashdata($key)
{
$this->mark_as_flash($key);
}
// ------------------------------------------------------------------------
/**
* Temp data (fetch)
*
* Legacy CI_Session compatibility method
*
* @param string $key Session data key
* @return mixed Session data value or NULL if not found
*/
public function tempdata($key = NULL)
{
if (isset($key))
{
return (isset($_SESSION['__ci_vars'], $_SESSION['__ci_vars'][$key], $_SESSION[$key]) && is_int($_SESSION['__ci_vars'][$key]))
? $_SESSION[$key]
: NULL;
}
$tempdata = array();
if ( ! empty($_SESSION['__ci_vars']))
{
foreach ($_SESSION['__ci_vars'] as $key => &$value)
{
is_int($value) && $tempdata[$key] = $_SESSION[$key];
}
}
return $tempdata;
}
// ------------------------------------------------------------------------
/**
* Set tempdata
*
* Legacy CI_Session compatibility method
*
* @param mixed $data Session data key or an associative array of items
* @param mixed $value Value to store
* @param int $ttl Time-to-live in seconds
* @return void
*/
public function set_tempdata($data, $value = NULL, $ttl = 300)
{
$this->set_userdata($data, $value);
$this->mark_as_temp(is_array($data) ? array_keys($data) : $data, $ttl);
}
// ------------------------------------------------------------------------
/**
* Unset tempdata
*
* Legacy CI_Session compatibility method
*
* @param mixed $data Session data key(s)
* @return void
*/
public function unset_tempdata($key)
{
$this->unmark_temp($key);
}
}
php.ini
session.gc_probability = 1
session.gc_divisor = 100
in my localhost xampp if I create only one session at least for my ip, but in my server I create 1 each time the page is reloaded
[/quote]
-
xaiborweb
Junior Member
-
Posts: 11
Threads: 3
Joined: Nov 2016
Reputation:
0
(12-12-2018, 10:01 AM)InsiteFX Wrote:
That will tell you what version you are running.
3.2.0-dev
the problem is that it creates multiple sessions for the same user, I was wondering if there would be any way to limit a session by ip of the user in case that should change because in the table of ci_session in all sessions I put the ip my vps and this is just the content that you create from the session.
__ci_last_regenerate|i:1544646983;
n my localhost xampp I created a session and if I am active I edited it but if I open another browser or delay in irrigating a page creates a new one and does not delete the previous one.
the server has a canada date but the users are from europe and latin america I was wondering if it could also influence the time schedule also.
the fact is that I am a newbie with codeigniter and in the subject of the sessions it gives many headaches, but I do not know another way of adding a system of registration to the web
I remember the test website in case you can review it: tvglu.net
-
xaiborweb
Junior Member
-
Posts: 11
Threads: 3
Joined: Nov 2016
Reputation:
0
|
