Session being reset on ajax call

[eluser]gRoberts[/eluser]
Hi all,

I've just come across a weird issue (since upgrading to 1.6.3 and then to 1.7) that when ever I do an ajax call, it resets the current active session.

Has anyone ever experienced this? I'm using a vanilla setup with the default setup for sessions.

Thanks

Gav

[eluser]manilodisan[/eluser]
Yep. CI also seems to have trouble keeping the session if multiple requests are made (or fast, concomitant ones)...

[eluser]gRoberts[/eluser]
Is there a possible solution?

[eluser]Vince Stross[/eluser]
I developed an AJAX heavy app in 1.6 and upgraded it to 1.7.0 without any problems. My sessions are operating the same way they were in 1.6.3.

I am storing my session data in mySQL - if that helps. Also, one thing that comes to mind is cookie name and domain in config.php. I have those both set, do you? I know those are not always required. Also be sure your encryption key is set in the config.php file. It's possible that without the encryption key set, CI is not recognizing the session because each call creates a new key? (total guess on that one, no basis in reality)

Reply with a dump of your config.php file and I'll compare it with mine.

[eluser]gRoberts[/eluser]
I've tried setting the cookie specific config settings but no joy. I'd understand if it were creating it's own session but its clearing my session at the same time.

As said, prior to upgrading, all was fine.

Thanks

Note: It seems the config is too large to paste in, so i've had to attach it.

[eluser]Vince Stross[/eluser]
Couple of questions:

Are you running any other instances of CI that might be using the same cookie name?

Code:

$config['sess_cookie_name'] = 'ci_session';

Have you tried to use the database for storing your cookie data?

Code:

$config['sess_use_database'] = TRUE;

This is my Session Variable config:

Code:

$config['sess_cookie_name'] = 'sumthing_unique';
$config['sess_expiration'] = 0;
$config['sess_encrypt_cookie'] = TRUE;
$config['sess_use_database'] = TRUE;
$config['sess_table_name'] = 'sessions_unique';
$config['sess_match_ip'] = FALSE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update'] = 300;

Try your expiration values, etc. I know this works because I am using it with AJAX and an authentication system that keeps a user logged-in, etc.

If you want to show me your related code just in case there's something there I would be happy to help.

Question: what are the "Core::IsSecure()" and "Core::MakeSecure()" function calls? Is that something custom?

[eluser]gRoberts[/eluser]
I have a core class that contains a number of supporting functions related to the current user (i.e. sessions).

IsSecure checks to see whether the request was made using https and if so, it updates all of the site_urls to use ssl.

I do have another instance running although this only seems to become a problem when using ajax.

I'll try changing the cookie name first.

Cheers

[eluser]gRoberts[/eluser]
Well by enabling the database based sessions, I can see whats happening...

The useragent is different when using ajax: XMLHTTP/1.0

So I think my ajax code will have to take the current user agent and pass it across.

Thanks

[eluser]gRoberts[/eluser]
how embarrasing lol

I've just gone to update my ajax scripts to pass across the browsers userAgent only to find I was setting it to the value I posted in my last post.

I removed it and it works perfectly fine lol

Sorry for wasting your time guys and gals...

Happy halloween those who celebrate it.

[eluser]Vince Stross[/eluser]
glad to know it was something easy to fix.