Welcome Guest, Not a member yet? Register   Sign In
[Workaround found] CodeIgniter 3.0 cannot access native $_SESSION
#1

(This post was last modified: 04-14-2015, 05:32 PM by gofrendi. Edit Reason: Find Solution )

Hi, I'm using CodeIgniter 3.0.
CI 3's session can also be accessed as $_SESSION.
However this $_SESSION is quiet different from PHP's native $_SESSION.

Let's say I have a controller like this:

PHP Code:
<?php
defined
('BASEPATH') OR exit('No direct script access allowed');

class 
Welcome extends CI_Controller {
    public function 
index()
    {
        
$this->load->library('session');
        
var_dump($_SESSION);
    }


It will yield this:
array (size=1)
'__ci_last_regenerate' => int 1429015988


However, when I make another file in FCPATH
THIS IS NOT A CONTROLLER/VIEW/MODEL, JUST A PHP FILE WHICH IS CALLED DIRECTLY
PHP Code:
<?php
    if
(!isset($_SESSION)){
 
       session_start();
 
   }
 
   var_dump($_SESSION); 

It yield this:
array (size=0)
empty



This make CodeIgniter cannot share session with external application. Is it an expected behavior? Is there any workaround if I want to share codeigniter's session with external php script?

UPDATE:

Here is my ugly-but-work workaround:
CodeIgniter can't access native session, but external PHP can access CodeIgniter's session like this:
PHP Code:
ob_start();
include(
'index.php');
ob_end_clean();
$CI =& get_instance();
$CI->load->driver('session');
var_dump($_SESSION); 

This works, but it is actually awkward. When you include "index.php", it will also do all the process in your default controller's. However this is the easiest and best way I can find. Other solution (including decode the cookie) will be very hard.
Reply
#2

(This post was last modified: 04-14-2015, 07:16 AM by RWCH.)

Just a guess:

session_start() starts a new session or resumes an existing session". By doing another page request without calling session_start you will loose you session. You MUST call session_start() to resume your session. Why do you call session_start()?

In CodeIgniter it is sufficient to use $this->load->library('session'); You session will be available with every page request and you can access it using $this->session.

I think var_dump($_SESSION); and var_dump($this->session); will give you the same result. However I never checked it and cannot check it now.
Reply
#3

(04-14-2015, 07:15 AM)RWCH Wrote: Just a guess:

session_start() starts a new session or resumes an existing session". By doing another page request without calling session_start you will loose you session. You MUST call session_start() to resume your session. Why do you call session_start()?

In CodeIgniter it is sufficient to use $this->load->library('session'); You session will be available with every page request and you can access it using $this->session.

I think var_dump($_SESSION); and var_dump($this->session); will give you the same result. However I never checked it and cannot check it now.

I have call session_start() in my external script:
PHP Code:
<?php
    if
(!isset($_SESSION)){
 
       session_start();
 
   }
 
   var_dump($_SESSION); 


Yes var_dump($_SESSION) and var_dump($this->session->all_userdata()) will give the same result, but it has nothing to do with my problem.

My problem is:

$_SESSION in my non-codeigniter php application is different from $_SESSION in codeigniter application.
Thus Codeigniter and non-codeigniter php application cannot share session.
Reply
#4

(04-14-2015, 07:21 AM)gofrendi Wrote:
(04-14-2015, 07:15 AM)RWCH Wrote: Just a guess:

session_start() starts a new session or resumes an existing session". By doing another page request without calling session_start you will loose you session. You MUST call session_start() to resume your session. Why do you call session_start()?

In CodeIgniter it is sufficient to use $this->load->library('session'); You session will be available with every page request and you can access it using $this->session.

I think var_dump($_SESSION); and var_dump($this->session); will give you the same result. However I never checked it and cannot check it now.

I have call session_start() in my external script:


PHP Code:
<?php
    if
(!isset($_SESSION)){
 
       session_start();
 
   }
 
   var_dump($_SESSION); 


Yes var_dump($_SESSION) and var_dump($this->session->all_userdata()) will give the same result, but it has nothing to do with my problem.

My problem is:

$_SESSION in my non-codeigniter php application is different from $_SESSION in codeigniter application.
Thus Codeigniter and non-codeigniter php application cannot share session.

You could do a check when the user enters your CI application.
If you have created your sessions in the other app with the normal $_SESSION functionality you could just do something like this when the user enters the CI app:

PHP Code:
if(isset($_SESSION['whatever'])) {
 
   # add it to the CI session
 
   $this->session->userdata....


You could also do it the other way around. Just make sure to validate them when passing them between the scopes.
Reply
#5

(04-14-2015, 07:37 AM)Northize Wrote:
(04-14-2015, 07:21 AM)gofrendi Wrote:
(04-14-2015, 07:15 AM)RWCH Wrote: Just a guess:

session_start() starts a new session or resumes an existing session". By doing another page request without calling session_start you will loose you session. You MUST call session_start() to resume your session. Why do you call session_start()?

In CodeIgniter it is sufficient to use $this->load->library('session'); You session will be available with every page request and you can access it using $this->session.

I think var_dump($_SESSION); and var_dump($this->session); will give you the same result. However I never checked it and cannot check it now.

I have call session_start() in my external script:




PHP Code:
<?php
    if
(!isset($_SESSION)){
 
       session_start();
 
   }
 
   var_dump($_SESSION); 


Yes var_dump($_SESSION) and var_dump($this->session->all_userdata()) will give the same result, but it has nothing to do with my problem.

My problem is:

$_SESSION in my non-codeigniter php application is different from $_SESSION in codeigniter application.
Thus Codeigniter and non-codeigniter php application cannot share session.

You could do a check when the user enters your CI application.
If you have created your sessions in the other app with the normal $_SESSION functionality you could just do something like this when the user enters the CI app:



PHP Code:
if(isset($_SESSION['whatever'])) {
 
   # add it to the CI session
 
   $this->session->userdata....


You could also do it the other way around. Just make sure to validate them when passing them between the scopes.

Have you try it?
I don't think it will work.

First, you have $_SESSION['whatever'] from other application.

Now, when you do $this->load->driver('session'), there will be no $_SESSION['whatever']
When you load session library, and use "files" as driver, $_SESSION in the next code will be totally different.
$_SESSION will be an alias to codeigniter session, and it will be totally off.

The documentation (http://www.codeigniter.com/userguide3/li...ssion-data) said that 
these script are the same:
PHP Code:
$name $_SESSION['name'];

// or:

$name $this->session->name

// or:

$name $this->session->userdata('name'); 

But it miss something important. Once you load session library, you will never able to access the original native php session anymore.

I think I have mention it, but I'll say it again:

I have a controller: application/controllers/welcome.php

PHP Code:
<?php
defined
('BASEPATH') OR exit('No direct script access allowed');

class 
Welcome extends CI_Controller {
 
   public function index()
 
   {
 
       $this->load->library('session');
 
       var_dump($_SESSION);
 
   }


I have another PHP file: x.php
PHP Code:
<?php
    if
(!isset($_SESSION)){
 
       session_start();
 
   }
 
   var_dump($_SESSION); 

I access this url : http://localhost/index.php/welcome.
It yield this:

array (size=1)



  '__ci_last_regenerate' => int 1429025329


I access this url : http://localhost/x.php.
It yield this:

array (size=0)

  empty


This mean that $_SESSION in welcome.php is different from $_SESSION in x.php
The $_SESSION should always be the same. Thus, CodeIgniter and any other application which is written in plain PHP cannot share session.
This behavior is unexpected, or do you think otherwise?
Or do you have a different result from mine?
Please at least try the example I provide before rush to comment.
I have no problem with codeigniter 2.1.4 and 3.0 dev. This problem only occurred with CodeIgniter 3.0.
Reply
#6

It is the same session, just with a few more variables set in it by CI - and yes, that makes it very hard to share a session between two applications.

That's an unintentional consequence, but you should never do it anyway.
Reply
#7

(04-16-2015, 04:47 AM)Narf Wrote: It is the same session, just with a few more variables set in it by CI - and yes, that makes it very hard to share a session between two applications.

That's an unintentional consequence, but you should never do it anyway.
I see that CI Session have it's own session handler. So, the only way to use CI Session outside CI is by using the same session handler.
However, I think that will be very difficult. So, I'm now using encrypted cookie instead.
Reply
#8

You don't necessarily need the same handler, just simply emulate the behaviour a bit. It's quite simple: get value of cookie (by default ci_session) and load the content of the session file containing this name (if you use files driver) from directory specified in $config['sess_save_path']
Reply
#9

(04-16-2015, 05:35 AM)gadelat Wrote: You don't necessarily need the same handler, just simply emulate the behaviour a bit. It's quite simple: get value of cookie (by default ci_session) and load the content of the session file containing this name (if you use files driver) from directory specified in $config['sess_save_path']

Hi, this is interesting. do you mean that ci_session contains the name of the session file?
I believe it is encrypted. How do you decode that?
Interesting idea and it is going to be very easy and efficient if I can do that.
Reply
#10

(04-16-2015, 11:01 PM)gofrendi Wrote: Hi, this is interesting. do you mean that ci_session contains the name of the session file?
Yes
Quote:I believe it is encrypted
It's not.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB