Session problem in Internet Explorer

[eluser]MattiasPersson[/eluser]
Hi There!
I've been using CI for a while now and is very satisfied.

On my most recent project however, I encountered a problem. On both IE8 and IE9 the session dies directly after page reload. Since I'm setting the login session in my controller, it means the login session dies and redirects back.

I've tried this on 3 different computers with IE8 and 9, it just doesn't work. It works fine in any other browser though.

I've also tried:
- The Native session library.
- Changing config variables to remove underscores (ci_session becomes cisession and so on).
- The Dariusz Debowczyk's Session Class.
- Using normal php $_SESSION variables instead of built in $this->session->set_userdata alternative.
- Setting session directly in views just to see if it lasts (it dies right after page reload in IE).
- Checked server time, it's the same on any browser including IE and on any computer.
- Much more...

Any ideas would be much appreciated.

[eluser]CroNiX[/eluser]
Could be the security settings in IE not allowing cookies.

[eluser]InsiteFX[/eluser]
IE Web Broswers cookie settings;

1) Click on internet options.
2) Click on Privacy tab.
3) Click the Advanced button.
4) Check override automatic cooking handling.
5) Set first party and third party cookies.
6) Check allways allow session cookies.

Works for me fine.

[eluser]MattiasPersson[/eluser]
That doesn't work either. I've tried setting it to ask every time too, but it doesn't seem to notice any cookies being set

[eluser]MattiasPersson[/eluser]
I'm pretty sure I've found the solution!!

I mentioned I tried changing the config variable to remove underscores. I believe the same thing goes for the domain name.

Since I set my Internet Explorer settings to ask every time a cookie is supposed to be set, I noticed IE starts asking the cookie question as soon as you enter a website where cookies are used. However, when I visited my website it didn't even ask, even though I used the same code on another domain where it would work.

Conclusion: Remove underscores from all domain names or ban IE (I prefer the last option).

Thanks for your help guys.

[eluser]CroNiX[/eluser]
Well there you go. Domain names shouldn't have underscores, ever. Google "domain name underscore"

The Internet standards (Request for Comments) for protocols mandate that component hostname labels may contain only the ASCII letters 'a' through 'z' (in a case-insensitive manner), the digits '0' through '9', and the hyphen ('-'). The original specification of hostnames in RFC 952, mandated that labels could not start with a digit or with a hyphen, and must not end with a hyphen. However, a subsequent specification (RFC 1123) permitted hostname labels to start with digits. No other symbols, punctuation characters, or white space are permitted.
While a hostname may not contain other characters, such as the underscore character (_), other DNS names may contain the underscore.[2] Systems such as DomainKeys and service records use the underscore as a means to assure that their special character is not confused with hostnames. For example, _http._sctp.www.example.com specifies a service pointer for an SCTP capable webserver host (www) in the domain example.com. Note that some applications (e.g. IE) won't work correctly if any part of the hostname will contain an underscore character.[3]