I am using IS_AJAX but sometimes still get disconnects

#1
[eluser]SPeed_FANat1c[/eluser]
I put

Code:
// Define Ajax Request
define('IS_AJAX', isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest');

system/application/config/constants.php

and

Code:
<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');

/**
* ------------------------------------------------------------------------
* CI Session Class Extension.
* ------------------------------------------------------------------------
*
*
*/

class MY_Session extends CI_Session {
   /*
    * Do not update an existing session on ajax calls
    *
    * @access    public
    * @return    void
    */
    public function sess_update()
    {
        if ( ! IS_AJAX)
        {
            parent::sess_update();
        }
    }

    function sess_destroy()
    {
        parent::sess_destroy();

        $this->userdata = array();
    }

}

// ------------------------------------------------------------------------
/* End of file MY_Session.php */
/* Location: ./application/libraries/MY_Session.php */

called it MY_Session.php and added to system/application/libraries

and still get random disconnects. Now more rarely but still. What else can be causing those disconnects?

#2
[eluser]dudeami0[/eluser]
If your using the database option for sessions, this seems to be a problem with two concurrent requests that are not ajax related (Even with the AJAX fix). Like you said its less of a problem, but still happens. Currently there is a fix for it somewhere in the forums on a topic discussing this bug.

#3
[eluser]WanWizard[/eluser]
Problem is that if you have multiple concurrent requests, you can still run into the situation that a request rotates the session id, while the parallel request, that took longer to process, writes the old (and now obsolete session id back to the cookie).

It's not a fix I posted, but a clumsy workaround, which stores the old session cookie as well, and tries a match on both. Search my post history for the solution.

#4
[eluser]dudeami0[/eluser]
Well I saw someone setting a unique ID that does not change for the session, and then generating a session ID to check that it is still valid. Fix was probably the wrong word too :p

#5
[eluser]WanWizard[/eluser]
You still have to rotate at least one of the ID's, to deal with session fixation. Which makes an extra ID prone to the same problem.

#6
[eluser]SPeed_FANat1c[/eluser]
I found a thread

http://ellislab.com/forums/viewthread/170123/

where there is new Session.php file, donwloaded it, replaced the original Session.php
Created table in database. And now userdata is not written. For example:

Code:
function index()
    {
        
        
           $data = array(
                            'username' => 'admin',
                            'is_logged_in' => true
                        );
            $this->session->set_userdata($data);
            echo 'set';    
                  
    }

this code does not add userdata to session. Where could be the problem?

Edit:

I am not an expert but I looked at that Session.php file, function set_userdata. It calls $this->sess_write();

and I see in sess_write() at the beggining there is code

Code:
// Only write if specifically asked
        if ( ! $write )
        {
            return;
        }

So the $write default value is FALSE and it does not do anything. So is this a bug or I just don't understand something?

#7
[eluser]SPeed_FANat1c[/eluser]
Now I get.

You must add line manually if you want data to be saved in database

Code:
$this->session->sess_write(TRUE);

If you don't add this line I guess it only is saved on cookie? So I don't have to add this line everywhere I use line

Code:
$this->session->set_userdata($data);
. Just where I need data to be in database.

Edit:

Figured out that I need

Code:
$this->session->sess_write(TRUE);

where I set userdata in ajax function. So I have edit all ajax functions in my project which sets userdata. Or I have edit sess_write function, not to check $write variable if it is TRUE. As I understand it decreases performance. My project is not that big so maybe the performance decrease will not be that big.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.