• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
session is changing only user_data if using same browser

#1
[eluser]sorin.ruse[/eluser]
Hello there,

I'm kindly new to the CI framework and i'm working on a project that needs auth with sessions.
I've set up my config to outoload 'session' and is registering all sessions to table ci_sessions.

I have noticed that using the same browser and initiate different login sessions with different usernames,
the session helper it actually rewrites only the user_data field.

Is that normal? I was expecting that for a new user that authenticates to create a completely new session rec in the ci_sessions table not only to just rewrite user_data in the session array.

I've discovered this, trying to test the application with multiple users that login and that have different 'roles' and how the views are display.

Thank you in advance for any suggestion.

#2
[eluser]CroNiX[/eluser]
Most likely because they are coming from the same IP and using the same browser (same useragent string), which is how CI tracks sessions by default. If you change those settings (sess_match_ip, sess_match_useragent) in the session config you can probably make it work with multiple sessions, but don't know for sure.

You might need to use a different browser for each user though since the cookie wouldn't change.

#3
[eluser]sorin.ruse[/eluser]
[quote author="CroNiX" date="1405971606"]If you change those settings (sess_match_ip, sess_match_useragent) in the session config you can probably make it work with multiple sessions, but don't know for sure.[/quote]

Tnx CroNiX for ur reply but I have already tried to toggle them true or false but the result is the same. It does not change if on the same browser and same ip. I'll try to make a test to login from my mobile phone to see what happens.

Sorin

#4
[eluser]CroNiX[/eluser]
Yes, I mentioned you will probably need to use a different browser because of the cookie.

#5
[eluser]sorin.ruse[/eluser]
Why is CI so restrictive? Imagine two users are working alternatively on the same computer each one with their own username and password and using the same browser. This means using CI sessions in this situation will overwrite the other one session. Am i RIGHT?

#6
[eluser]CroNiX[/eluser]
Can't answer that. CI sessions have always had a lot of problems. In CI3 they allow you to use native php sessions which might fix this. I haven't used CI3 though since it's not released and we are prohibited from using unreleased/beta code at our shop.

#7
[eluser]sorin.ruse[/eluser]
How anyone suggest I better can solve this problem?

Thanks.

#8
[eluser]CroNiX[/eluser]
don't use the session class and just use php sessions?

#9
[eluser]sorin.ruse[/eluser]
If I use 'old fashioned php sessions' can I later access data that i store there in CI?


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.