[eluser]Zorrocaesar[/eluser]
I have a very strange problem that involves sessions.
Here's the code:
the controller
Code:
function deleteImage()
{
$this->load->library('session');
$this->load->plugin('uuid');
//generates a random string
$data['uuid'] = uuid();
//sets the radom string generated above in the session array
$this->session->set_userdata('uuid', $data['uuid']);
//loads the html
$this->load->view('content', $data);
}
between the above and the below, sit a view file and a javascript file, which contain the the image file name and respectively make a request to another controller function(see below) with the file name. The
$data['uuid'] value from above is also sent in the request via the POST method.
the ajax function
Code:
function imageDelete()
{
$this->load->library('session');
//if the uuid stored in the session and the uuid send via ajax are different, exit
if ($this->session->userdata('uuid') != $this->input->post('uuid'))
{
echo "Your request is not valid.";
exit();
}
//try to delete the image and send result back to browser
if (!unlink($path.$this->input->post('thumbnail')))
$data['error'] = "Error while deleting image.";
else
$data['msg'] = "Image was deleted.";
echo json_encode($data);
}
As you see, I am using a random generated number which I store in the session and also in the html page and than send via POST. The receiving function checks to see if the random number in the session is the same with the one sent via POST. This is to prevent unauthorized access to the image delete function.
All works well. The image is deleted and the ok message is sent back to the browser via ajax. Only one problem though:
after the ok message is displayed via ajax, the uuid value in the session changes, so another request to the ajax function will not be allowed.
I have looked at the code over and over again, but I cannot figure it out why the value in the session changes. Please help!
