AJAX requests to controllers are causing sessions to be lost
#1

[eluser]Zelf[/eluser]
I am using 1.7.2 with CI session library and database for storage of session data.

On my localhost session is maintained across all pages of site using AJAX.

On the production server any page that makes an AJAX request in background to a controller causes the session to be lost. If I disable the AJAX sessions persist.

Any ideas how to fix this or what I am doing wrong? I've read tons of posts. I just don't see what my logic error is here.
#2

[eluser]Zelf[/eluser]
Anybody know what I am doing wrong? I have tried the blasted cookie domain with .mysite.com and mysite.com and www.mysite.com and none of them work. On my local system if I set the cookie_domain in config to .127.0.0.1 it works perfectly. On my production server it does not. Obviously I am doing something totally stupid here. Just can't figure out what it is. Any help would be greatly appreciated.
#3

[eluser]kenjis[/eluser]
How about investigating HTTP cookie headers?

For example, with Live HTTP Headers
https://addons.mozilla.org/ja/firefox/addon/3829/
#4

[eluser]Zelf[/eluser]
[quote author="Kenji @ CodeIgniter Users Group in Japan" date="1284443396"]How about investigating HTTP cookie headers?

For example, with Live HTTP Headers
https://addons.mozilla.org/ja/firefox/addon/3829/[/quote]

I installed it. The cookies seem correct. What can I look for that will tell me why I am losing my sessions though?
#5

[eluser]Zelf[/eluser]
I've narrowed down the issue to ajax calls. Why this is working on the localhost is still perplexing me.

So when a call is made from an ajax script to a controller in the background the session is lost. Any ideas anybody???
#6

[eluser]Zelf[/eluser]
Had to install native sessions by dariusz to get the site working again. Still would like to know what the problem was. Spent 8 hours today trying to understand what was not working in my Ajax requests. They were just simple calls to controllers.

What is the difference between clicking a hard coded link to /mycontroller/mymethod

and an AJAX request triggered by something that is hard coded to /mycontroller/mymethod

?????

Wish someone would chime in from CI dev. Just want to know what I was doing wrong in my AJAX calls.
#7

[eluser]CroNiX[/eluser]
I've noticed this behavior when many ajax requests are sent to the server in a short amount of time. It's fine on localhost because they usually come back in order because there is no lag, but on the net they can get out of order and cause problems. It doesn't have anything to do with CI though...maybe it's just how you are using ajax.
#8

[eluser]Zelf[/eluser]
[quote author="CroNiX" date="1284459196"]It doesn't have anything to do with CI though...maybe it's just how you are using ajax.[/quote]
I can't agree with you on this. I am only sending 2 Ajax requests for small views in the background on page load. I am using the prototypejs library. Pretty standard. Finally, the problem was completely resolved when I put the dariusz native session class into /application/libraries.

So it is most likely a CI issue specifically with sessions. I am not at all harping on CI. Love it! Just can't understand what in CI or what I may have been doing in calling controller with AJAX that would kill the sessions on my production server, but not localhost.
#9

[eluser]WanWizard[/eluser]
This issue has been discussed lots of times here.

CI contains a security option against session fixation, where (by default) every 300 seconds the session id is rotated.
If this happens during an ajax call, the session id is updated server side, but no cookie is sent to the client with the new session id (because of the ajax call).
This causes the session to be lost at the next page request.

Search for IS_AJAX and sess_update here to find the solution.
#10

[eluser]InsiteFX[/eluser]
Code:
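<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');

/**
 * ------------------------------------------------------------------------
 * CI Session Class Extension. -- Save as MY_Session --
 * ------------------------------------------------------------------------
 */

// IS_AJAX is not defined by CodeIgniter itself. Define it here unless
// application/config/constants.php already does. The X-Requested-With header
// is set by the client-side library and can be sent by any client.
if ( ! defined('IS_AJAX'))
{
    define('IS_AJAX', isset($_SERVER['HTTP_X_REQUESTED_WITH'])
        && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest');
}

class MY_Session extends CI_Session {

    /**
     * Do not update an existing session on ajax calls
     *
     * @access    public
     * @return    void
     */
    public function sess_update()
    {
        // Leave the session id alone on AJAX requests; normal page
        // requests still go through the regular update and rotation.
        if ( ! IS_AJAX)
        {
            parent::sess_update();
        }
    }

    /**
     * Destroy the session and clear the userdata held in memory
     *
     * @access    public
     * @return    void
     */
    public function sess_destroy()
    {
        parent::sess_destroy();

        $this->userdata = array();
    }

}

// ------------------------------------------------------------------------
/* End of file MY_Session.php */
/* Location: ./application/libraries/MY_Session.php */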

InsiteFX
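
The rotation problem discussed in this thread, as an added example that is not part of any post above and is not CodeIgniter code: a constructed model of a DB-backed session store showing what a request carrying the pre-rotation id sees, with and without skipping rotation on AJAX requests. The function names, the sample row and the rule that an unknown id starts an empty session are assumptions of the model.

```php
<?php
// Constructed model of session-ID rotation in a DB-backed store; not CodeIgniter source.
// Assumption: a request whose cookie ID has no row is treated as a new, empty session.
const TIME_TO_UPDATE = 300; // rotation interval in seconds (the default quoted in the thread)

function handle_request(array &$store, string $cookieId, int $now, bool $isAjax, bool $skipOnAjax): array
{
    if (!isset($store[$cookieId])) {
        // The ID was rotated away by an earlier request: start an empty session.
        $cookieId = bin2hex(random_bytes(8));
        $store[$cookieId] = ['last_activity' => $now, 'user' => null];
    } elseif ($store[$cookieId]['last_activity'] + TIME_TO_UPDATE < $now
              && !($skipOnAjax && $isAjax)) {
        // Rotation is due: move the row to a fresh ID, invalidating the old one.
        $newId = bin2hex(random_bytes(8));
        $store[$newId] = ['last_activity' => $now] + $store[$cookieId];
        unset($store[$cookieId]);
        $cookieId = $newId;
    }
    return [$cookieId, $store[$cookieId]['user']];
}

function simulate(bool $skipOnAjax): array
{
    $store = ['sid-old' => ['last_activity' => 0, 'user' => 'zelf']]; // constructed row
    $now = 301;          // one second past the rotation interval
    $cookie = 'sid-old'; // what the browser holds when the page fires its requests
    // First background request: rotates the ID unless rotation is skipped for AJAX.
    handle_request($store, $cookie, $now, true, $skipOnAjax);
    // Second request still carries the pre-rotation cookie.
    [, $ajaxUser] = handle_request($store, $cookie, $now, true, $skipOnAjax);
    // Later full page load with the same cookie: with the skip, rotation happens here.
    [$pageId, $pageUser] = handle_request($store, $cookie, $now + 1, false, $skipOnAjax);
    return [
        'ajax_user'       => $ajaxUser,
        'page_user'       => $pageUser,
        'page_id_changed' => $pageId !== $cookie,
    ];
}

foreach ([false, true] as $skip) {
    echo ($skip ? 'skip on AJAX:  ' : 'always rotate: '), json_encode(simulate($skip)), PHP_EOL;
}
```

With the skip enabled the id is still rotated on the next full page request, so the session fixation protection stays in place for normal navigation.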



