Welcome Guest, Not a member yet? Register   Sign In
AJAX and CI Session (v1.7) w/DB
#7

[eluser]Padraig Kennedy[/eluser]
[quote author="waspfactoryuk" date="1233258476"]The thing is, it’s not unexpected - it’s even documented and operating exactly as per spec. Therefore it’s a feature and not a bug.[/quote]
Here's what the documentation on the Session class says:

Quote:The Session class permits you maintain a user's "state" and track their activity while they browse your site.

When two or more parallel requests are made at the same time, the session class will intermittently fail to maintain a user's state. I call that a bug. At best, it's an undocumented limitation — it is not a feature.

[quote author="waspfactoryuk" date="1233258476"]Regardless of whether the server is running CI or not, updating the session with a new ID will mess up things for AJAX. The approach just isn’t suitable where AJAX is concerned.[/quote]

Many sites implement sessions & AJAX flawlessly. This bug is specific to Code Igniter's Session.php implementation and can be fixed.
[quote author="waspfactoryuk" date="1233258476"]You can always set a long expiry time in the config and then set ‘sess_time_to_update’ slightly bigger if you want to avoid getting kicked off but then you’re relying on the user to log off to destroy the session.[/quote]
I don't want the session to last forever; I want it to expire after a period of inactivity.

[quote author="waspfactoryuk" date="1233258476"]
However, looking at the Session.php file, it seems like the session expiry is based on last activity not creation time (although the sess_time_to_update will be based on creation time of course otherwise it wouldn't get updated as long as requests arrive).

Line 171...
Code:
// Is the session current?
if (($session['last_activity'] + $this->sess_expiration) < $this->now)
{
    $this->sess_destroy();
    return FALSE;
}

I'm not sure why it's not working for you. Just set sess_time_to_update to something like 2 years and job done.[/quote]

This approach doesn't work in practice. When the session is created, "sess_create()" calls "_set_cookie()" which writes a cookie as follows:

Code:
// From line 675, Sessions.php
// Set the cookie
setcookie(
            $this->sess_cookie_name,
            $cookie_data,
            $this->sess_expiration + time(),
            $this->cookie_path,
            $this->cookie_domain,
            0
        );
The web browser will expire this cookie after "$this->sess_expiration + time()". This is usually updated by a call from "sess_update()", so typically it is not a problem. As soon as you set sess_time_to_update > sess_expiration, however, "sess_update()" will never run and the cookie will never get updated. So in this context, sess_expiration is in fact measured from when the session was created.


Messages In This Thread
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-15-2009, 09:48 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-28-2009, 05:03 PM
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-29-2009, 04:46 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-29-2009, 06:20 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-29-2009, 07:03 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-29-2009, 07:47 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-29-2009, 11:41 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-29-2009, 01:35 PM
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-29-2009, 01:50 PM
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-29-2009, 03:10 PM
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-29-2009, 05:07 PM
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-29-2009, 05:19 PM
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-29-2009, 05:45 PM
AJAX and CI Session (v1.7) w/DB - by El Forum - 04-08-2009, 04:35 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 04-08-2009, 05:11 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 04-08-2009, 07:23 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 05-13-2009, 03:33 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 05-13-2009, 07:26 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 05-13-2009, 08:38 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 05-14-2009, 03:34 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 05-14-2009, 03:43 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 01-27-2011, 08:11 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 02-07-2012, 03:50 PM
AJAX and CI Session (v1.7) w/DB - by El Forum - 02-07-2012, 05:44 PM
AJAX and CI Session (v1.7) w/DB - by El Forum - 02-18-2014, 02:37 PM
AJAX and CI Session (v1.7) w/DB - by El Forum - 02-18-2014, 04:48 PM
AJAX and CI Session (v1.7) w/DB - by El Forum - 02-19-2014, 03:55 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 02-21-2014, 12:35 PM
AJAX and CI Session (v1.7) w/DB - by El Forum - 02-23-2014, 10:06 AM
AJAX and CI Session (v1.7) w/DB - by El Forum - 02-23-2014, 10:17 AM



Theme © iAndrew 2016 - Forum software by © MyBB