Welcome Guest, Not a member yet? Register   Sign In
Session table redundant records problem
#1

Hi all,

I've been using Codeigniter for many years since 1.x versions.
The question I have is about Session library behavior, which I'm struggling to solve.

We recently upgraded PHP to 7.2 and also moved the application to CI 3.1.9 codebase.
In the 1.x and 2.x versions Session were not working properly (users were periodically logged out without a reason) and we used OB Session library, which was not supported for long time, but old code was working just fine.

With move to 3.1.9 we moved the core codebase, however, used old OB Session as a replacement for the moment, and it still works.

But due to wish to increase performance and security, we'd like to move to native Session of CI and this where problems started.

The application we have uses pages loads and makes periodic AJAX calls, which are initiated either on page load finish autoamtically, or by user action, e.g. by click on menu. Within AJAX controllers we need session parameters, e.g. to check access rights for user.

We want to have DB storage, and use MySQL. Initially tried the following settings:
$config['sess_driver'] = 'database';
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 7200;
$config['sess_save_path'] = 'ci_sessions';
$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 300;
$config['sess_regenerate_destroy'] = FALSE;

The problem was that when I load page, and then wait 5 minutes (time for session update) the new session ID was generated and saved in DB table, however, the old one was not removed. So it was left there for garbage collector to remove it later. Due to heavy use on the site, we don't want session table to explode, and would like to have just one latest session ID record in DB for active user.

For this I tried last parameter, which seems to be responsible for this and set:
$config['sess_regenerate_destroy'] = TRUE;

After this the situation worsen, and each page load was generating new session ID record. If there is ajax call on the same page, then e.g. when user loads one page and then ajax call is initiated, there appear two new Session ID records in database. And basically each new page load adds new records to Session table, and old records are not deleted at all.

We load session only in autoload config.

Will appreciate any advice here. What we want is to have one Session ID associated with one user stored in DB. If session ID is regenerated, then previous entry to be removed. Also if the same page loads and same session ID to be used for page load and also for all ajax calls of the same user from the same browser.

Thank you for help in advance!
Reply


Messages In This Thread
Session table redundant records problem - by Volder - 10-07-2018, 12:49 AM



Theme © iAndrew 2016 - Forum software by © MyBB