• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Display Above Root Image with a controller on CI3-RC2

#11
(02-10-2015, 01:19 PM)Narf Wrote: Also, FYI: 3.0rc2 != 3.0.2 Smile

Upsss!!! you're right!

I'm giving up with this thing. I will try on a live server from a different computer just in case this may be a local thing. Below are the final settings:

http://localhost/codeIgniter-3.0.2/gallery.html

GET /codeIgniter-3.0.2/gallery.html HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://localhost/codeIgniter-3.0.2/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Tue, 10 Feb 2015 22:25:10 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.1j PHP/5.6.3 mod_perl/2.0.8-dev Perl/v5.16.3
X-Powered-By: Codeigniter 3.0
Set-Cookie: ci_session=420bcfc1124d41125a85a43c12319245a11adb19; path=/; domain=http://localhost/codeIgniter-3.0.2; HttpOnly
Last-Modified: Tue, 10 Feb 2015 21:25:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1850
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8


$config['sess_driver'] = 'files';
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 0;
$config['sess_save_path'] = '/opt/lampp/htdocs/codeIgniter-3.0.2/sessions/';
$config['sess_match_ip'] = TRUE;
$config['sess_time_to_update'] = 1;
$config['sess_regenerate_destroy'] = FALSE;

$config['cookie_prefix'] = '';
$config['cookie_domain'] = 'http://localhost/codeIgniter-3.0.2';
$config['cookie_path'] = '/';
$config['cookie_secure'] = FALSE;
$config['cookie_httponly'] = TRUE;

As last resource I am thinking on use encrypted session data to add security and the below alternative some where in the session_files_driver;

foreach (glob(SYSDIR . "/sessions/ci_session*") as $file)
{
if (filemtime($file) + $this->sess_expiration < time() && file_exists($file))
{
unlink($file);
}
}

Thank You for all your help!
Reply

#12
Oh ...

Quote:$config['sess_time_to_update'] = 1;

^ This forces session ID regeneration every second.

Quote:$config['cookie_domain'] = 'http://localhost/codeIgniter-3.0.2';

^ And this is far from a valid domain. 'localhost' is the domain in that thing.

Please don't try to to do something "because security" on your own ... you obviously don't understand how it works and you'll likely to screw it up.
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2019 MyBB Group.