Encrypted session BLOB? |
(01-31-2017, 11:44 AM)Narf Wrote: ... override CI_Session:: sess_regenerate() to carry over the value when regeneration happens. ... Sorry to bug you again but I couldn't figure out what you meant by this part. I couldn't find a way to "carry the value" over. I couldn't see any way to basically get it to the write() function of the DB Session driver without extending that class (which I've seen you mention elsewhere is a bad idea for future-proofing). Even without extending it though, the insert/update data is set within the write() function so how would you update the new session without sending a new query to do it *after* the write() function? Am I missing something simple here?
session_regenerate_id() will trigger a write() call, and thus - you can update it right after that.
(02-01-2017, 11:23 AM)Narf Wrote: session_regenerate_id() will trigger a write() call, and thus - you can update it right after that. That's exactly what I tried. The line after session_regenerate_id() I got the new session ID with session_id() and attempted to update the row in the database via the new session ID but it didn't update, leading me to believe write() was not being called until *after* sess_regenerate() finished and therefore the row didn't exist yet to modify. Any idea why this is happening?
I guess session_regenerate_id() doesn't trigger an immediate write() call then ... that may differ in between PHP versions.
A hacky work-around to that would be to do this: Code: session_regenerate_id(); A more clean solution is to have a separate table instead of an additional field, using the session ID as a reference between the two.
Interesting. Not quite sure how best to keep a second table in sync but I'll see what I can come up with!
Thanks for your help and advice, I really appreciate it. |
Welcome Guest, Not a member yet? Register Sign In |