DB sessions randomly logging users out

[eluser]CI_Newb[/eluser]
So in my tests, sessions worked fine. But once I went to production (same server, just more users) every now and then, my users will say it randomly logs them out. Not often, just randomly.

Here's how my config looks now trying to solve this problem.

Code:

$config['sess_cookie_name']        = 'ci_session';
$config['sess_expiration']        = 0;
$config['sess_encrypt_cookie']    = FALSE;
$config['sess_use_database']    = TRUE;
$config['sess_table_name']        = 'user_sessions';
$config['sess_match_ip']        = FALSE;
$config['sess_match_useragent']    = TRUE;
$config['sess_time_to_update']     = 25200;

This is all within a secure network so i'm not worried about attacks or stuff, I just want it not to time out for the duration of the users shift.

Any ideas?

[eluser]WanWizard[/eluser]
Do you use ajax calls on your site?

[eluser]CI_Newb[/eluser]
Nope. Stock CI stuff and a slight tinge of jquery effects. Nothing more.

[eluser]freeman[/eluser]
Hi, can you try removing the underscore?

Code:

$config['sess_cookie_name'] = 'cisession';

[eluser]CI_Newb[/eluser]
[quote author="headtrip" date="1290880906"]Hi, can you try removing the underscore?

Code:

$config['sess_cookie_name'] = 'cisession';

[/quote]

If I'm using database sessions, wouldn't this be not used?

[eluser]WanWizard[/eluser]
Every session solution uses a cookie, to store the session_id client-side. This is how a request is matched to a server-side session. Sessions don't function without the cookie.

Next to ajax calls you can also loose the session if you have multiple concurrent calls to the application. This can happen if for example you have a missing image, that is being rewritten to index.php.

[eluser]CI_Newb[/eluser]
[quote author="WanWizard" date="1290921967"]Every session solution uses a cookie, to store the session_id client-side. This is how a request is matched to a server-side session. Sessions don't function without the cookie.

Next to ajax calls you can also loose the session if you have multiple concurrent calls to the application. This can happen if for example you have a missing image, that is being rewritten to index.php.[/quote]

Well my application has a main entry form that has about 20-30 users consistantly accessing it.

You think this could be doing it? Would changing the cookie name solve it?

[eluser]pesho_h_k[/eluser]
HI

I had a similar problem, and the solution was in the session library where it stores the data in the database. I added just one more where at the end of the sess_write method:

Old:
$this->CI->db->where('session_id', $this->userdata['session_id']);

New:
$this->CI->db->where( array( 'session_id' => $this->userdata['session_id'], 'ip_address' => $this->userdata['ip_address'] ) );

This solved the problem. Hope it helps you too

[eluser]WanWizard[/eluser]
There's a flaw in the design of the session library, which can cause this behaviour when you have multiple concurrent requests from the same browser, in combination with session id rotation.

To make sure this is not the problem, set 'sess_time_to_update' to something like 86400 * 365 ( a full year). This will prevent the id from rotating.

The underscore in the cookie name is mainly an IE problem, other browsers don't have an issue with it.

[eluser]CI_Newb[/eluser]
Thanks for the information all. I'll get the changes in on monday and hopefully my users will stop complaining lol