• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
forceHTTPS and session()

#1
I'm not sure where to talk about this.



but '$this->forceHTTPS' must be called before '$session = session();' or else your session variable might be loss. This warning should be made into user guide.



I'm spent lot of times finding why my flash message is missing.



I have login page and user administration. It calls secure page, while other page is not encrypted to lighten processor load.



So in config\App, the base url is using 'http', not 'https'. Also 'forceGlobalSecureRequest' is not enabled. That makes website using not secure page (http). When I want to send important data, I call 'forceHTTPS' and in form action, I use 'site_url('target_path','https').

On my login and user administration pages, which is using same controller, the user messages is passing through as flash message and passed succesfully.


However, the other secure pages, also calls forceHTTPS, the user flash messages is gone.



It turns out that the login class is extended from system Controller and called $this->forceHTTPS before calling $session = session(). The flash message is passed as intended.



On the other pages, it using controller class which extended from BaseController and called '$this->session = \Config\Services::session();' on  parent 'initController' function. However, some controller function calling $this->forceHTTPS and the flash messages is gone. This means the 'forceHTTPS' is called after $this->session = \Config\Services::session() because the session is called from parent controller function.



After I change the order, forceHTTPS before $this->session = \Config\Services::session();, the flash message passed successfully.
Reply


Messages In This Thread
forceHTTPS and session() - by anthos1984 - 03-26-2020, 12:13 AM
RE: forceHTTPS and session() - by anthos1984 - 03-28-2020, 02:58 PM
RE: forceHTTPS and session() - by InsiteFX - 03-29-2020, 08:07 AM
RE: forceHTTPS and session() - by anthos1984 - 03-29-2020, 10:04 AM
RE: forceHTTPS and session() - by jreklund - 03-29-2020, 11:39 AM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.