• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Ajax and Session loss

#1
[eluser]kenjis[/eluser]
CI's default 5 min session updating can cause session loss when more than 2 requests come at the same time, most of cases with Ajax calls.

Many people get stuck to this issue.

http://ellislab.com/forums/viewthread/167310/
http://ellislab.com/forums/viewthread/102456/

How about stopping session update in case Ajax call?

Code:
--- a/system/libraries/Session.php    Tue Sep 14 18:45:42 2010 -0500
+++ b/system/libraries/Session.php    Wed Sep 15 10:02:06 2010 +0900
@@ -340,6 +340,12 @@
      */
     function sess_update()
     {
+        // Skip the session update in case Ajax call
+        if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest')
+        {
+            return;
+        }
+
         // We only update the session every five minutes by default
         if (($this->userdata['last_activity'] + $this->sess_time_to_update) >= $this->now)
         {

Note: You need to send X_REQUESTED_WITH header manually if you use jQuery or so.

#2
[eluser]InsiteFX[/eluser]
Code:
<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');

/**
* ------------------------------------------------------------------------
* CI Session Class Extension.
* ------------------------------------------------------------------------
*
*
*/

class MY_Session extends CI_Session {
   /*
    * Do not update an existing session on ajax calls
    *
    * @access    public
    * @return    void
    */
    public function sess_update()
    {
        if ( ! IS_AJAX())
    {
            parent::sess_update();
        }
    }

    public function sess_destroy()
    {
    parent::sess_destroy();

    $this->userdata = array();
    }

}

// ------------------------------------------------------------------------
/* End of file MY_Session.php */
/* Location: ./application/libraries/MY_Session.php */

InsiteFX

#3
[eluser]kenjis[/eluser]
My proposal is to fix CodeIgniter Session Class, not to extend it.

#4
[eluser]CroNiX[/eluser]
And having the profiler enabled destroys just about any and all ajax because it always appends the profiler html along with the output from any request made to that controller/method.

#5
[eluser]InsiteFX[/eluser]
Ok sorry, that's what happens when your on the web all day...

InsiteFX

#6
[eluser]cyrigniter[/eluser]
hi,
i'm digging this post up cause I have the very same issue (session loss due to ajax calls)

I didn't get the workaround : i should hard hack the CI session class ? there is no better way ?

EDIT : totally fixed
InsiteFX's workaround is good (I just defined a IS_AJAX constant in constants.php instead of using IS_AJAX() function which I don't know about)

#7
[eluser]kenjis[/eluser]
patch to current ci tip:

Code:
diff -r 0bff9acdc441 system/libraries/Session.php
--- a/system/libraries/Session.php    Mon May 09 21:14:37 2011 +0100
+++ b/system/libraries/Session.php    Fri May 13 10:18:23 2011 +0900
@@ -341,6 +341,12 @@
      */
     function sess_update()
     {
+        // Skip the session update in case Ajax call
+        if ($this->CI->input->is_ajax_request())
+        {
+            return;
+        }
+        
         // We only update the session every five minutes by default
         if (($this->userdata['last_activity'] + $this->sess_time_to_update) >= $this->now)
         {


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.