Welcome Guest, Not a member yet? Register   Sign In
Session expires or doesn't get set?


I have a very simple login script using CI's session class. Most users don't experience any problems, but a few of them do, all located in another country and timezone (my server is based in the Netherlands, and the users are based in Brazil) login.

Whenever they login, the session is lost when refreshing the page. I checked if they allow cookies. Could this timezone difference be causing the problems? And if so, is there a solution for this problem?

For reference, I've added the login function (uses ajax technology, by the way) and my session config.

function do_login($user_input) {
        $query = $this->CI->db->getwhere('users', array('username' => $user_input['username'], 'password' => md5($user_input['password'])));
        if($query->num_rows()) {
            $user_data = $query->first_row('array');
            $this->CI->db->where('id', $user_data['id']);
            $this->CI->db->set('logindate', date('Y-m-d H:i:s'));
            $this->CI->session->set_userdata('userid', $user_data['id']);        
            $data['username'] = $user_input['username'];
            $this->objResponse->Assign("login","innerHTML", $this->CI->load->view('loggedin', $data, true));
      else {
          $this->objResponse->alert('Sorry, login incorrect. Please try again!');
      return $this->objResponse;  

$config['sess_cookie_name']        = 'ci_session';

$config['sess_expiration']        = 7200;

$config['sess_encrypt_cookie']    = FALSE;

$config['sess_use_database']    = TRUE;

$config['sess_table_name']        = 'ci_sessions';

$config['sess_match_ip']        = FALSE;

$config['sess_match_useragent']    = TRUE;

$config['sess_time_to_update']         = 300;
Thanks in advance!
Cheers, Michiel

The timezone difference may indeed be the problem. I had experienced a similar issue and I solved it by doing this in config.php:

$config['time_reference'] = 'GMT';

My problem was that the CI session got reset after about 3 minutes.

As you probably know, cookie lifetimes depends on both the server and the client agreeing on what time it is, and when they don't strange things happen. I can only guess that this is what was happening to me.

Another, less elegant, solution that also worked for me was to set "sess_time_to_update" to a value that will cover the time shift. But since you cannot predict what the shift may be between the server and an arbitrary user, you would have to enter a very big value.

So, setting time_reference to GMT really seems to be the most reliable way of solving this, at least in my case.

Theme © iAndrew 2016 - Forum software by © MyBB