Welcome Guest, Not a member yet? Register   Sign In
I think my website got hacked
#11

(12-16-2015, 01:12 AM)kenjis Wrote: > I just use the session for showing the errors of success action which is in using set_flashdata() and as I read this session will delete after redirect a page!

It means you use session.

The files are the files which store session data.
But you don't store data permanently in sessions, the files are 0 byte.

Do you know why the random files came to my FTP directory ? is it also about the SESSION issue?
Reply
#12

You need to set your session_save_path to the folder where your session data will be stored. Yours is NULL.
http://www.codeigniter.com/user_guide/li...references
Reply
#13

Quote:Do you know why the random files came to my FTP directory ? is it also about the SESSION issue?

Yes, I think so. The filename is the session id.

Your error message is:
Session: Configured save path '' is not a directory, doesn't exist or cannot be created.

It means your session save path is empty. It is invalid as a file path.
So it seems the session files are created in the current directory (where index.php locates).

Your current problem is the config for session save path.
You must set the valid (writable) directory as absolute path.

But I don't know why the error suddenly happened.
Reply
#14

Strange thing is in your config you have this:
PHP Code:
$config['sess_cookie_name'] = 'ci_session'
Meaning the session filenames should start with ci_session follow by the session_id. And that is also not the case.
Are you the only one working on this project? And if you can, check the current online version to a version that was working before this error started
Reply
#15

No, $config['sess_cookie_name'] determines the name of the cookie (to store the session id) on the client side. The file names for session files are identical to the session id's.
Reply
#16

I am also using the files driver for my sessions and as you can see in the attached image, my session files start with ci_session. I am 100% sure that these are not cookies that are being stored in my sessions directory.

   

True, my cookie is also called ci_session, but my session files al are prefixed with this same name. And I just tested this. I changed the config from

PHP Code:
$config['sess_cookie_name'] = 'ci_session'

to this

PHP Code:
$config['sess_cookie_name'] = 'ci_blabla_test_'

In the next two images you can see the result

       
Reply
#17

Your absolutely right. It seems that the config value is also used as a name prefix.

Sesion_files_driver.php:
Code:
$this->_file_path = $this->_config['save_path'].DIRECTORY_SEPARATOR
.$name // we'll use the session cookie name as a prefix to avoid collisions
.($this->_config['match_ip'] ? md5($_SERVER['REMOTE_ADDR']) : '');
Reply
#18

So his problem is session related, but it is some weird one I can not figure out
Reply
#19

(12-16-2015, 08:04 AM)ciadmin Wrote: You need to set your session_save_path to the folder where your session data will be stored. Yours is NULL.
http://www.codeigniter.com/user_guide/li...references

what if i set sess_save_path = '/sessions'. does it matter where i wanna save?
or
what if i change the sess_driver to 'database' ? then the problem will solve? because i think the path is only when we are using file, am i right?
Reply
#20

(12-17-2015, 01:45 AM)Martin7483 Wrote: Strange thing is in your config you have this:
PHP Code:
$config['sess_cookie_name'] = 'ci_session'
Meaning the session filenames should start with ci_session follow by the session_id. And that is also not the case.
Are you the only one working on this project? And if you can, check the current online version to a version that was working before this error started

Hey Martin ,
yes I'm the only one person who is working on this project. actually it was the online version that I've post.
i think my website was working for 15 days and then that happened! But my tech support from the server said: I've update your php version from 5.4 to 5.5 so the problem solved!
Reply




Theme © iAndrew 2016 - Forum software by © MyBB