Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Session quickfix
Session quickfix
  • El Forum
    Guest
  •  
#1
06-18-2009, 08:08 AM

[eluser]Maglok[/eluser]
I have just inherited a CodeIgniter application that works with sessions. I have read up quickly and am unsure of a piece of code:

Code:
if(strtolower($login[0]['title'][0]) == 'student')
            {
                $this->CI->session->set_userdata(array('student' => true));
            }
            if(strtolower($login[0]['title'][0]) == 'medewerker')
            {
                $this->CI->session->set_userdata(array('medewerker' => true));
            }
            //Destroy old session
            $this->CI->session->sess_destroy();
            
            //Create a fresh, brand new session
            $this->CI->session->sess_create();

I am wondering if this code uses a set_userdata() then destroys the old session and creates a new one, doesn't the code then just... Set something and delete it before using it?

I am trying to nail a problem with the login here and the session are just a tad bit confusing.
  • El Forum
    Guest
  •  
#2
06-18-2009, 08:41 AM

[eluser]gtech[/eluser]
That code looks like it does what you suggest and it does look like a bug, as you want to be setting the data after the destroy and create. if you look at the session code in the libraries directory you can see sess_destroy deleting the session from the database and removing the cookie

here is the documentation on what sess_destroy does:
Code:
Destroying a Session

To clear the current session:
$this->session->sess_destroy();

Note: This function should be the last one called,
and even flash variables will no longer be available.
If you only want some items destroyed and not all, use unset_userdata().
which also implies the code you have is a bit odd.

I have read in some posts that sess_destroy does delete the db but not the cache as data can still be echoed. [url="http://ellislab.com/forums/viewthread/94981/"]http://ellislab.com/forums/viewthread/94981/[/url] don't know if this has been fixed.

But looking at the session code; Even if the destroy session does not work the sess_create() function should overwrite the array as a new one is created.
  • El Forum
    Guest
  •  
#3
06-19-2009, 12:42 AM

[eluser]Maglok[/eluser]
That is what I figured, but I had indeed read about the session class acting odd. So basically the top if's are obsolete. Thanks.




Theme © iAndrew 2016 - Forum software by © MyBB