multiple cookies in page headers

#1
[eluser]druid100[/eluser]
i just noticed that within the page headers there are 5 cookies of the same name, thus increasing the size needed to encode the cookies by roughly 5 times. taking into account that the last cookie wins i did some testing.

it turns out that whenever sess_write in Session.php calls setcookie() a new cookie (of the same name) will be added to the page response headers.

sess_write is called by sess_create, sess_update, set_userdata, unset_userdata. even without calls from myself to set_userdata / unset_userdata the sess_write function is called several times.

i thought that the session lib would collect all session data and perform one setcookie before the page is sent to the browser which would result in one cookie sent to the browser.

can anybody clarify this? is there somethin i do miss in terms of configuration? sending several cookies which overwrite themself to the browser does not seem to be right.

#2
[eluser]narkaT[/eluser]
consider someone uses this code:

Code:
$this->session->set_userdata('foo', 'bar');
redirect('/foobar');

the redirect-function terminates the script execution with exit,
after sending the Location header.
so the session lib can not detect when the cookies have to be sent
to the browser.

the only solution is to update cookie as soon as changes to the session-data occur Wink

#3
[eluser]druid100[/eluser]
that is not a solution to my problem. i want to use multiple set_userdata. what i do not want is that each set_userdata immediately sends a cookie.

i expected that ci takes care of sending the unqiue(!) cookies before the page is rendered (sent to the browser).

#4
[eluser]narkaT[/eluser]
[quote author="druid100" date="1226951761"]that is not a solution to my problem. i want to use multiple set_userdata. what i do not want is that each set_userdata immediately sends a cookie.[/quote]

the first thing that came into my mind was to extend the session lib and adding
a destructor which sets the cookies before the script shuts down.
but thats not possible as this little note in the php manual states:
Quote:Note: Destructors called during the script shutdown have HTTP headers already sent.[...]

with this knowlegde I would claim it's simple not possible to do that automatically.

you could although extend the session lib and add a "flush_cookie" method
which you call after updating your session data to update the cookie.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.