Welcome Guest, Not a member yet? Register   Sign In
CI Session being destroyed

I am using CI for a login and session management on a site. For some reason only on the production server, not the development stack, the session data is being altered.

These are abridged versions of my code:

PHP Code:
class User extends CI_Controller {
   public function login() {
       if ($this->form_validation->run() == FALSE)
           $data['site_title'               =$this->config->item('site_title');
               $user $this->Model_user->check_login($username$password);
           //the above model check_login function queries the database and, 
           //if a match, returns an array:
           //$userdata = array ( 
           //  'id'            =>  $result->row(0)->id, 
           //  'first_name'    =>  $result->row(0)->first_name,
           //  'last_name'     =>  $result->row(0)->last_name,
           //  'email'         =>  $result->row(0)->email,
           //  'edit'          =>  $result->row(0)->edit,
           //  'logged_in'     =>  1;
           // The array is being returned 
               if (!$user) {
                   // log-in failed
                   $data['site_title'               =$this->config->item('site_title');
               } else {
                   //log in success; proceed to session
                   $user['logged_in'] = TRUE;
               //did debugging (see below) here
   }// login
//abridged version of Controller Display:
class Display extends CI_Controller {

   public function index(){
           //did debugging (see below) here
       if ($this->session->userdata('logged_in')) {
       } else {

 To debug what is happening, I used the following at the above mentioned points in my code:
PHP Code:
           $array $this->session->all_userdata();
           echo '<pre>';
           echo '</pre>';

 At the end of login the session user data is as it should be:
userdata at user->login
   [session_id] => 0e9a5b9befc7be8cb299f185fcaad4af
   [ip_address] => <an IP address>
   [user_agent] => Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36
   [last_activity] => 1431699339
   [user_data] =>
   [id] => 1
   [first_name] => <a first name>
   [last_name] => <a last name>
   [email] => <an e-mail address>
   [edit] => 1
   [logged_in] => 1

 However that is not the session data returned at display->index:
   [session_id] => 2e5705108e2082f168cdb6536fbdec17
   [ip_address] => <an IP address equal to the one above>
   [user_agent] => Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36
   [last_activity] => 1431699167
   [user_data] =>
I have reviewed the documentation for sessions and can tell that the sessions library is set to load through the autoloader.  The sessions section of config.php is untouched with one exception:
$config['sess_cookie_name']     = 'ci_session';
$config['sess_expiration']      = 0;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie']  = FALSE;
$config['sess_use_database']    = FALSE;
$config['sess_table_name']      = 'ci_sessions';
$config['sess_match_ip']        = FALSE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update']  = 300;

$config['sess_expiration'] was  set to 0 for purposes of debugging.

An encryption key is set even though I am not opting to encrypt the cookie.  The mcrypt extension is installed and functioning on the server.

I am really baffled by this and hope someone can provide what to do.

This problem is solved.  After further research I found a very good article for abandoning CodeIgniter session in favour of PHP sessions using a simple library: https://www.moreofless.co.uk/using-nativ...deigniter/

It looks like you are storing your session data in a cookie, which is not very good since users can alter cookie data from within their browser, especially when you're not encrypting the cookie!

Cookies have a limit on how much data they can store (2k). Is it possible you're trying to store too much data?

Are you using ajax much?

Theme © iAndrew 2016 - Forum software by © MyBB