Welcome Guest, Not a member yet? Register   Sign In
Consistent set cookie failure
#1

[eluser]coolgeek[/eluser]
I've been experiencing random session issues which I have determined are the result of the cookie not being set. The random nature of the issue has been enormously frustrating, but I have finally isolated a repeatable instance where my cookie is not being set.

Some quick declarations based on prior research of the issue:

- I am using the database for sessions
- I have set my cookie domain (to the actual domain name, not mysite.com)
- The problem occurs in both FF and IE

My session and cookie configuration:

Code:
$config['sess_cookie_name']     = 'ci_session';
$config['sess_expiration']      = 0;
$config['sess_encrypt_cookie']  = FALSE;
$config['sess_use_database']    = TRUE;
$config['sess_table_name']      = 'ci_sessions';
$config['sess_match_ip']        = FALSE;
$config['sess_match_useragent'] = FALSE;
$config['sess_time_to_update']  = 300;
$config['cookie_prefix']        = "";
$config['cookie_domain']        = ".mysite.com";
$config['cookie_path']          = "/";

I've stripped down my offending controller to the following:

Code:
<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Invitation extends Controller {

    function __construct()
    {
        parent::Controller();

        $this->load->library('form_validation');
        $this->load->helper('email');
        $this->load->helper(array('url'));
        $this->output->enable_profiler(true);
    }

    function index() {
        $data['title'] = "Invite user";
        $data['mview'] = "invitation";

        $this->form_validation->set_rules('email', 'Email', 'trim|required|strip_tags|valid_email');
                            
        $imsg = "";
        if ($this->input->post('submit')){
            $this->session->set_flashdata('invite_message', $imsg);
            redirect($this->input->post('current_url'));
        }

        $this->load->vars($data);
        $this->load->view('template', $data);
    }
}

I had initially identified the problem as always occurring when both the flashdata and redirect statements were executed, but that the problem would not occur if I commented out either one of the two statements.

Several threads indicate that this combination of flashdata/redirect can be problematic when not using a database to store sessions. I am in fact using a database to store sessions, so that does not seem to be my issue.

With that as background, I am also using a couple of session overrides, the sources of which are specified in the function comments:

Code:
<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
    
    /*
    ** MY_Session Class
    **
    ** Extends the core CI_Session
    **
    */
    class MY_Session extends CI_Session {


    function __construct()
    {
        parent::CI_Session();
    }


    /*
    ** sess_update
    **
    ** skip update on AJAX requests
    **
    ** http://ellislab.com/forums/viewthread/138823/
    **
    */

    function sess_update()
    {
        // skip the session update if this is an AJAX call!
        if ( ! IS_AJAX )
        {
            parent::sess_update();
        }
    }


    /*
    ** _set_cookie
    **
    ** Override default 60x60x24x365x2 behavior.  Destroy session after $this->sess_expiration or on browser close
    **
    ** http://ellislab.com/forums/viewthread/131152/
    **
    */

    function _set_cookie($cookie_data = NULL)
    {
        if (is_null($cookie_data))
            $cookie_data = $this->userdata;

        $cookie_data = $this->_serialize($cookie_data);

        if ($this->sess_encrypt_cookie == TRUE)
            $cookie_data = $this->CI->encrypt->encode($cookie_data);
        else
            $cookie_data = $cookie_data.md5($cookie_data.$this->encryption_key);
            
        /*
        ** The only time $this->sess_expiration will be equal to this value is when
        ** $config['sess_expiration'] is set to "0". We're just making sure it
        ** stays this way.
        */
        if ($this->sess_expiration == 63072000)
            $this->sess_expiration = 0;
        else
            $this->sess_expiration = $this->sess_expiration + time();

        setcookie($this->sess_cookie_name, $cookie_data, $this->sess_expiration, $this->cookie_path, $this->cookie_domain, 0);
    }
}
    
/* End of file MY_Session.php */
/* Location: ./application/libraries/MY_Session.php */

I was surprised to discover that the problem did not recur when I eliminated MY_Session.php. Subsequent research narrows the issue down to the _set_cookie function.

So, to summarize, the problem only occurs when all three of the following steps are involved:

- function _set_cookie is overriden, and
- flashdata gets set, and
- I redirect

But the problem will not occur if I remove any one of the three steps is removed.

(To be precise, I should state that the problem is not consistently repeatable when one of the steps is removed. Given the random occurrence of failure in setting cookies (from other controllers, as well as this one), that I noted at the beginning of the post, I cannot state definitively that the problem will never occur if I remove one of the steps.)

I have compared the MY_Session._set_cookie function with the Session._set_cookie function and cannot see a problem.


So does anybody have any ideas as to why my cookie isn't getting set?




Theme © iAndrew 2016 - Forum software by © MyBB