Welcome Guest, Not a member yet? Register   Sign In
Session persistence problems
#1

[eluser]Nick Jennings[/eluser]
Hi Everyone,

I'm new to CodeIgniter and am trying to implement some basic session management, but it seems everytime I reload the page, I get a new session_id. Am I missing some key element here? I've read the docs on sessions and don't see anything wrong I'm doing.

Here is a simple test case:


In the controller I use:
Code:
$this->load->library('session');

In before passing to the view, I grab the session ID:
Code:
$data['session_id'] = $this->session->userdata('session_id');

When I print the session_id var in the view, I get a new session ID on each page reload.

I think I'm overlooking something very simple, any help is greatly appreciated.
Thanks,
Nick
#2

[eluser]Nick Jennings[/eluser]
Oh, and here is my configuration regarding sessions.

Code:
$config['sess_cookie_name']        = 'foobar';
$config['sess_expiration']        = 1800;
$config['sess_encrypt_cookie']    = TRUE;
$config['sess_use_database']    = TRUE;
$config['sess_table_name']        = 'sessions';
$config['sess_match_ip']        = TRUE;
$config['sess_match_useragent']    = TRUE;
$config['sess_time_to_update']     = 1800;


[quote author="nerohj" date="1230679029"]Hi Everyone,

I'm new to CodeIgniter and am trying to implement some basic session management, but it seems everytime I reload the page, I get a new session_id. Am I missing some key element here? I've read the docs on sessions and don't see anything wrong I'm doing.

Here is a simple test case:


In the controller I use:
Code:
$this->load->library('session');

In before passing to the view, I grab the session ID:
Code:
$data['session_id'] = $this->session->userdata('session_id');

When I print the session_id var in the view, I get a new session ID on each page reload.

I think I'm overlooking something very simple, any help is greatly appreciated.
Thanks,
Nick[/quote]
#3

[eluser]Michael Wales[/eluser]
What are these settings:
Code:
$config['cookie_prefix']    = '';
$config['cookie_domain']    = '';
$config['cookie_path']        = '/';

Also, you probably don't want to match IP as a user's IP address could change at anytime, making them receive a new session ID.
#4

[eluser]Nick Jennings[/eluser]
Hi Michael,

Here are my cookie settings:

Code:
$config['cookie_prefix']    = "cmdforms";
$config['cookie_domain']    = "localhost";
$config['cookie_path']        = "/";

I'm running this on my local machine during development, hence the 'localhost'.

The reason I have the match_ip set is because this is for an order form, so my thinking was that it's safer to have them logged out on the off chance their IP changes in the middle of session (which is not so common), rather than risk any hijacked session. Not sure if my reasoning is justified though.

BTW - enjoyed the drunken code igniter vid Smile I'm using some tips I learned from that for this order form script.
-Nick

[quote author="Michael Wales" date="1230690083"]What are these settings:
Code:
$config['cookie_prefix']    = '';
$config['cookie_domain']    = '';
$config['cookie_path']        = '/';

Also, you probably don't want to match IP as a user's IP address could change at anytime, making them receive a new session ID.[/quote]
#5

[eluser]Nick Jennings[/eluser]
Just a little note in case anyone has this problem, I fixed it by unsetting the cookie_prefix and cookie_domain - I guess I misunderstood the purpose of those fields, still not 100% sure why I get the behavior I reported when setting those values, but anyway things seem to be working OK now.

Cheers,
Nick

[quote author="nerohj" date="1230945491"]Hi Michael,

Here are my cookie settings:

Code:
$config['cookie_prefix']    = "cmdforms";
$config['cookie_domain']    = "localhost";
$config['cookie_path']        = "/";

I'm running this on my local machine during development, hence the 'localhost'.

The reason I have the match_ip set is because this is for an order form, so my thinking was that it's safer to have them logged out on the off chance their IP changes in the middle of session (which is not so common), rather than risk any hijacked session. Not sure if my reasoning is justified though.

BTW - enjoyed the drunken code igniter vid Smile I'm using some tips I learned from that for this order form script.
-Nick

[quote author="Michael Wales" date="1230690083"]What are these settings:
Code:
$config['cookie_prefix']    = '';
$config['cookie_domain']    = '';
$config['cookie_path']        = '/';

Also, you probably don't want to match IP as a user's IP address could change at anytime, making them receive a new session ID.[/quote][/quote]
#6

[eluser]mrmeyers99[/eluser]
I'm having this same problem. I checked those config variables and they are blank. It seems like it works sometimes and sometimes it doesn't. I think it might be a Chrome problem. For some reason right now the sessions are working fine in Firefox but not in Chrome. How would I fix that?
#7

[eluser]jtan[/eluser]
i also have this problem, but leaving the cookie_prefix and cookie_domain blank solve the problem
#8

[eluser]sherwoodforest[/eluser]
extra session stuff happening to me
$config['sess_cookie_name'] = 'thexxxxxxxxx';
$config['sess_expiration'] = 7200;
$config['sess_encrypt_cookie'] = FALSE;
$config['sess_use_database'] = TRUE;
$config['sess_table_name'] = 'ci_sessionsmaping';
$config['sess_match_ip'] = TRUE;
$config['sess_match_useragent'] = FALSE;
$config['sess_time_to_update'] = 300;

/*
|--------------------------------------------------------------------------
| Cookie Related Variables
|--------------------------------------------------------------------------
|
| 'cookie_prefix' = Set a prefix if you need to avoid collisions
| 'cookie_domain' = Set to .your-domain.com for site-wide cookies
| 'cookie_path' = Typically will be a forward slash
|
*/
$config['cookie_prefix'] = "";
$config['cookie_domain'] = "";
$config['cookie_path'] = "/";

I have session library auto loaded

in my test environment I end up with 3 session id's with the same IP address,and user agent. but only one with my userdata
Help where should I look for the cause?
#9

[eluser]WanWizard[/eluser]
If one page request causes three session records, check your application and your rewrite rules, because something in your page gets rewritten to index.php causing a new request ( a missing asset? ).

And as said above, you're cookie domain and path may not be empty. Any decent browser will reject it.
#10

[eluser]sherwoodforest[/eluser]
thank you




Theme © iAndrew 2016 - Forum software by © MyBB