[eluser]tmcintosh[/eluser]
Hi there,
I'm fairly new to CodeIgniter and recently inherited a site that was partially completed in CI. It works for the most part, but there is one annoying issue that I can't seem to crack. Logged in users are getting randomly logged out.
I've googled for solutions as well as looked through the forums, and there seems to be a history of problems with sessions in general.
Originally the site was using Darius D.'s Native Session library file. I've now replaced that with the Session Hybrid library and enabled database support for the session data. That was helpful because it allowed me to see more of what was happening. It seems that multiple session id's are being generated (I've only seen 2 at a time so far). When a user logs in, the custom user data is associated with one of the session id's.
After some browsing of the site, the site get's "confused" and loads the page with the other session id that does not have the "logged in" user data associated with it. This makes the site appear as though the user is logged out. However, clicking to another page loads the site with right session id and the user now appears to be logged in.
The challenges with debugging this issue is that I can't recreate the scenario on my local machine, only on the remote server, which is a shared hosting server and I don't have access to the php.ini file or any other higher level server configs.
The big question is: Why is the site receiving 2 session id's at once, and how do I prevent that from happening?
I've wasted about 3 days worth of time on this problem and would appreciate some more experience assistance.
Specs:
• Code Igniter Version 1.7.3
• PHP 5.4.3
• Session Hybrid library used
• Database session support used
• Site is requesting and getting more than 1 concurrent session id
• Pages are getting confused between the logged in session id and the logged out session id and incorrectly displaying logged out pages ot users randomly
Also:
• Server clock is relatively close to my client time
• I've removed the underscore from the session cookie name in config (when using cookies)
• Was using with cookie originally and have now switched to database support instead
• It seems as though when a page loads, sometimes the CI code thinks that $_SESSION variable is empty when it should not be.
• I've commented out the code in the sess_update() so that is is not trying to regenerate a session id every 5 minutes.
Would really appreciate a solution! Able to pay with beer or coffee!!: )
