Session lost after redirect in Codeigniter

php codeigniter session redirect

54,410

Solution 1

I have the exact same problem and here's what I do. First, go to file system/libraries/Session/Session.php. Comment session_start(); on line 140. On function _configure, comment few lines under // Security is king

//      ini_set('session.use_trans_sid', 0);
//      ini_set('session.use_strict_mode', 1);
//      ini_set('session.use_cookies', 1);
//      ini_set('session.use_only_cookies', 1);
//      ini_set('session.hash_function', 1);
//      ini_set('session.hash_bits_per_character', 4);

Second, go to file index.php on your root project. Put, session_start(); below <?php

Hope this helps.

Solution 2

First, you must make sure that there are no special characters in the session items like '\n' or '\v'. Those characters may lead your string to break in the middle. Try trim() for help.

If that's no use, maybe it's some encoding problem. Try to encrypt the session item before you set it, and decrypt it when you need to use it.

Solution 3

I am have similar problem, and it turned that problem is very the commonplace ...

root of the evil of my problems were the names containing the character "_"

example, before was

$this->session->set_flashdata('message_success', 'some message');

after became

$this->session->set_flashdata('messagesuccess', 'some message');

My problem solved Thanks man with this resource http://biostall.com/losing-codeigniter-sessions/

Solution 4

I solved this problem by configuring the $config['cookie_domain'] to localhost

$config['cookie_domain']    = "localhost";

i initially had that variable set to fully qualified domain name such as www.exampledomain.com but meanwhile i was using a local server.

The domain that your script is running under should be the same as the domain set under $config['cookie_domain] to avoid unexpected failure with codeigniter session class.

Solution 5

I had the same issue, in my case that was insufficient permissions for sessions folder. Please check php.ini for session.save_path and config.php for $config['sess_save_path'] and make sure the folder has 777 or 757 set as permissions.

View more solutions

54,410

Author by

Zatanna

Updated on July 09, 2022

Comments

Zatanna almost 2 years

I'm using codeigniter as a framework.

Firstly, I use localhost but when I change to my IP address the login function doesn't work anymore. I found that the session is lost after redirect to another controller.

Here is the result of print_r($this->session->all_userdata());

[session_id] => 7b00fa0f8790f48d24446f9eb4e6aab2 
[ip_address] => 10.42.68.71 
[user_agent] => Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.83 Safari/537.1
[last_activity] => 1285962398 
[user_data] =>

As you can see it doesn't have any data passed to user_data but it was set before redirect when I test.

I separate the controller to two which the first one is users -> handler of login function and another is planner which handler of the link that I redirect from users controller.

users.php (first controller):

$this->load->model('users_model');
$this->load->model('mymodel');
$this->load->database();

$email = $this->input->post('email');

$pass = $this->input->post('password');

$type = $this->input->post('type');

// Authenticate the user
$userdata = $this->users_model->auth_user($email,$pass,$type);

if($userdata)
{
    $data = array('FIRSTNAME' => $userdata->FIRSTNAME, 
                  'LASTNAME' => $userdata->LASTNAME, 
                  'EMAIL' => $userdata->EMAIL,
                  'LOGIN' =>TRUE, 'TYPE' => $type);
    $this->session->set_userdata($data);
    redirect('planner/view_system','refresh');
}

planner.php (second controller):

function __construct() {
    parent::__construct();

    if ( ! ($this->session->userdata('LOGIN')))
    { 
        print_r (var_dump($this->session->userdata('FIRSTNAME')));
        print_r($this->session->all_userdata());
    }
    $this->load->helper(array('form','html','url'));

And here is my config

$config['sess_cookie_name']     = 'ci_session';
$config['sess_expiration']      = 7200;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie']  = FALSE;
$config['sess_use_database']    = FALSE;
$config['sess_table_name']      = 'ci_sessions';
$config['sess_match_ip']        = TRUE;
$config['sess_match_useragent'] = FALSE;
$config['sess_time_to_update']  = 300;

katwekibs about 6 years

Also if you are using database transactions $this->db->trans_begin(); make sure somewhere in your code a concluding transaction action either $this->db->trans_rollback(); or $this->db->trans_commit(); is called
Alex over 5 years

Note: sess_encrypt_cookie and sess_match_useragent are CI 2.x settings, see codeigniter.com/userguide3/installation/…
Alex over 5 years

If you define an ENVIRONMENT var in /index.php or with dotenv, you can do $config['cookie_secure'] = ENVIRONMENT === 'production';
Bonifacius Sarumpaet over 3 years

Yeah, this helps me. But can you explain further why is this happening? Thanks!
Abed Putra over 3 years

question, is it secure?
Pankaj Shinde over 3 years

Removing the special characters like _ - | $ (and more) from the variable names has helped in resolving this issue