Welcome Guest, Not a member yet? Register   Sign In
url based sessions
#1

[eluser]Unknown[/eluser]
Hello everyone,

Please let me introduce myself in that section. I am a new user of CI and would like to ask if anybody tried to develope session system based on passing session ID in URL (I mean /controller/class/function/id/sess_id/ or similiar).

Recently I have faced a problem where some of customers claim to lose session data while switching between https<=>http pages on the same server. searching the web I have found that this is probably caused by deleted cookies during the above transtion (I am not sure if it is the whole true since I use the session_id passed in query string and still lost session occurs). The problem seems to be on client side since only some customers report this.

Please let me know the following issues:

1) using the controler/class/function/id system implemented in CI is it possible to pass sess_id between pages in a reasonable easy way

2) sice CI does not use GET variables has anyone tried to check https/http transition if it let preserve the url data

Regards
#2

[eluser]esra[/eluser]
Check the wiki for the various session libraries contributed by users. In particular, look at Db_session and Obsession to help solve your problem. Obsession has features that you might not immediately need for your current project, by it's nice to know they are available if you ever need them.
#3

[eluser]gavincali[/eluser]
There is currently no way I've seen to allow cookie-less sessions. Even http://codeigniter.com screws up without cookies on. The "Native-sessions" library module will attempt to pass the session via GET... and CodeIgniter breaks when we use GET. Even OBsession and DBsession rely on a minimal cookie.

My company needs the ability to have cookie-less sessions. Unfortunately, CodeIgniter seems to assume the world always uses cookies. If I'm wrong, I'd love to hear about how to fix this because I love the philosphy of simplicity that CI uses, as opposed to that mess called CakePHP.
#4

[eluser]Xandrios[/eluser]
Well you could write your own session Library. Enable it with autoload and that should work fine i guess. The only 'catch' here is that all your uri's should have the same layout: /controller/action/id/session. Otherwise things might get nasty. (Although you *could* write something that assumes that the last uri element is the sessionid. But i'd implement some serious rules so that you cant mistake a product id for a session, for instance Tongue
#5

[eluser]Unknown[/eluser]
[quote author="Xandrios" date="1184817423"]The only 'catch' here is that all your uri's should have the same layout: /controller/action/id/session. Otherwise things might get nasty. (Although you *could* write something that assumes that the last uri element is the sessionid. But i'd implement some serious rules so that you cant mistake a product id for a session, for instance Tongue[/quote]

Hi, this is the approach I am going to apply. To be sure that last (or first) element is a valid session number one can check it using regexp eg 32-length alphanumeric.
#6

[eluser]joeles[/eluser]
You guys may find this thread helpful.




Theme © iAndrew 2016 - Forum software by © MyBB