Uploaded session issues

[eluser]morph london[/eluser]
I have created a simple model to login and authorize users:

Code:

<?php
class Usermodel extends Model {

    function Usermodel()
    {
        parent::Model();
        $this->load->database();
        $this->load->library('session');
    }
    
    function checkLogin($email,$password)
    {
        $email = $email;
        $password = $password;
        
        $this->db->where('email', $email);
        $this->db->where('password', $password);
        $query = $this->db->get('users');
        $user = $query->row();
    
        
        if(($query->num_rows() > 0))
        {
            $this->session->set_userdata('id', $user->id);
            return true;
        }
        else
        {
            return false;
        }
    }
    
    function checkAccess()
    {
        //echo 'id: '.$this->session->userdata('id');
        if(!$this->session->userdata('id')) redirect('admin/home/refer/restricted');
    }
    
    function checkLoggedIn()
    {
        return $this->session->userdata('id');
    }
    
    function userLogout()
    {
        $this->session->sess_destroy();
        
        redirect('admin/home/refer/logout');
    }
}
?>

This works fine on my local testing server but when I upload it to my live hosting server the session does not seem to be created in the checkLogin() function. Specifically:

Code:

$this->session->set_userdata('id', $user->id);

It does not seem to create a session so checkLoggedIn() redirects back into the login. I am using plesk to test the website so this puts the testing URL on a https server, I am assuming it has something to do this that.

Thanks Alex

[eluser]TheFuzzy0ne[/eluser]
[quote author="mcfarlane.alex" date="1209401391"]I have created a simple model to login and authorize users:

Code:

<?php
class Usermodel extends Model {

    function Usermodel()
    {
        parent::Model();
        $this->load->database();
        $this->load->library('session');
    }
    
    function checkLogin($email,$password)
    {
        $email = $email;
        $password = $password;
        
        $this->db->where('email', $email);
        $this->db->where('password', $password);
        $query = $this->db->get('users');
        $user = $query->row();
    
        
        if(($query->num_rows() > 0))
        {
            $this->session->set_userdata('id', $user->id);
            return true;
        }
        else
        {
            return false;
        }
    }
    
    function checkAccess()
    {
        //echo 'id: '.$this->session->userdata('id');
        if(!$this->session->userdata('id')) redirect('admin/home/refer/restricted');
    }
    
    function checkLoggedIn()
    {
        return $this->session->userdata('id');
    }
    
    function userLogout()
    {
        $this->session->sess_destroy();
        
        redirect('admin/home/refer/logout');
    }
}
?>

This works fine on my local testing server but when I upload it to my live hosting server the session does not seem to be created in the checkLogin() function. Specifically:

Code:

$this->session->set_userdata('id', $user->id);

It does not seem to create a session so checkLoggedIn() redirects back into the login. I am using plesk to test the website so this puts the testing URL on a https server, I am assuming it has something to do this that.

Thanks Alex[/quote]

Is it possible that you don't have the domain/path for your cookies setup correctly?

You'll probably need to clear your cache and cookies to get the correct cookie sent to you. I'd recommend just deleting the cookies for your site, and then checking that they are being sent to you after that.

It sounds like to cookie might be getting set, but isn't being read properly. Another test might be to try and save the session to a database, and see what happens.

[eluser]morph london[/eluser]
Hi thanks for the reply, I have checked that the session is adding into the database. But the domain is a testing domain on a IP address. e.g. https://83.100.100.100/. Would I have tried setting the domain to 'myenddomain.com' but this did not work.

[eluser]TheFuzzy0ne[/eluser]
[quote author="mcfarlane.alex" date="1209405840"]Hi thanks for the reply, I have checked that the session is adding into the database. But the domain is a testing domain on a IP address. e.g. https://83.100.100.100/. Would I have tried setting the domain to 'myenddomain.com' but this did not work.[/quote]

I'm not sure what's going on, but I am fairly sure it has something to do with your domain/cookie settings. I used to get a problem similar to this with Dragonfly CMS, and it took lots of cookie and cache clearing, and fiddling with settings to get it fixed. Obviously, this ain't Dragonfly CMS, but the problem does sound very similar.

Did you manage to clear you cookies and cache, and see what path the cookies are being set for?

It might help if we know:
Your Web site directory.
Your Web root.
Your IP/domain name.

Obviously you can use an obfuscated IP and domain name if you feel it could be a security issue. This way, hopefully, we can run through the settings with you (or at least, someone who knows what they are doing might).

[eluser]morph london[/eluser]
Also I have just noticed that my sessions database is showing 'Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en' as the user agent, and my correct external IP. Now the uploaded version is showing a local Ip and can not get my user agent.

[eluser]TheFuzzy0ne[/eluser]
It sounds like your problem is likely to be something to do with HTTPS. This is something I know next to nothing about, sorry.