Session lost after redirect in Codeigniter
Solution 1
I have the exact same problem and here's what I do.
First, go to file system/libraries/Session/Session.php
.
Comment session_start();
on line 140
.
On function _configure
, comment few lines under // Security is king
// ini_set('session.use_trans_sid', 0);
// ini_set('session.use_strict_mode', 1);
// ini_set('session.use_cookies', 1);
// ini_set('session.use_only_cookies', 1);
// ini_set('session.hash_function', 1);
// ini_set('session.hash_bits_per_character', 4);
Second, go to file index.php
on your root project.
Put, session_start();
below <?php
Hope this helps.
Solution 2
First, you must make sure that there are no special characters in the session items like '\n' or '\v'. Those characters may lead your string to break in the middle. Try trim() for help.
If that's no use, maybe it's some encoding problem. Try to encrypt the session item before you set it, and decrypt it when you need to use it.
Solution 3
I am have similar problem, and it turned that problem is very the commonplace ...
root of the evil of my problems were the names containing the character "_"
example, before was
$this->session->set_flashdata('message_success', 'some message');
after became
$this->session->set_flashdata('messagesuccess', 'some message');
My problem solved Thanks man with this resource http://biostall.com/losing-codeigniter-sessions/
Solution 4
I solved this problem by configuring the $config['cookie_domain'] to localhost
$config['cookie_domain'] = "localhost";
i initially had that variable set to fully qualified domain name such as www.exampledomain.com but meanwhile i was using a local server.
The domain that your script is running under should be the same as the domain set under $config['cookie_domain] to avoid unexpected failure with codeigniter session class.
Solution 5
I had the same issue, in my case that was insufficient permissions for sessions folder.
Please check php.ini for session.save_path
and config.php for $config['sess_save_path']
and make sure the folder has 777 or 757 set as permissions.
Zatanna
Updated on July 09, 2022Comments
-
Zatanna almost 2 years
I'm using codeigniter as a framework.
Firstly, I use
localhost
but when I change to my IP address the login function doesn't work anymore. I found that the session is lost after redirect to another controller.Here is the result of
print_r($this->session->all_userdata());
[session_id] => 7b00fa0f8790f48d24446f9eb4e6aab2 [ip_address] => 10.42.68.71 [user_agent] => Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.83 Safari/537.1 [last_activity] => 1285962398 [user_data] =>
As you can see it doesn't have any data passed to
user_data
but it was set before redirect when I test.I separate the controller to two which the first one is users -> handler of login function and another is planner which handler of the link that I redirect from users controller.
users.php
(first controller):$this->load->model('users_model'); $this->load->model('mymodel'); $this->load->database(); $email = $this->input->post('email'); $pass = $this->input->post('password'); $type = $this->input->post('type'); // Authenticate the user $userdata = $this->users_model->auth_user($email,$pass,$type); if($userdata) { $data = array('FIRSTNAME' => $userdata->FIRSTNAME, 'LASTNAME' => $userdata->LASTNAME, 'EMAIL' => $userdata->EMAIL, 'LOGIN' =>TRUE, 'TYPE' => $type); $this->session->set_userdata($data); redirect('planner/view_system','refresh'); }
planner.php
(second controller):function __construct() { parent::__construct(); if ( ! ($this->session->userdata('LOGIN'))) { print_r (var_dump($this->session->userdata('FIRSTNAME'))); print_r($this->session->all_userdata()); } $this->load->helper(array('form','html','url'));
And here is my config
$config['sess_cookie_name'] = 'ci_session'; $config['sess_expiration'] = 7200; $config['sess_expire_on_close'] = FALSE; $config['sess_encrypt_cookie'] = FALSE; $config['sess_use_database'] = FALSE; $config['sess_table_name'] = 'ci_sessions'; $config['sess_match_ip'] = TRUE; $config['sess_match_useragent'] = FALSE; $config['sess_time_to_update'] = 300;
-
katwekibs about 6 yearsAlso if you are using database transactions $this->db->trans_begin(); make sure somewhere in your code a concluding transaction action either $this->db->trans_rollback(); or $this->db->trans_commit(); is called
-
Alex over 5 yearsNote:
sess_encrypt_cookie
andsess_match_useragent
are CI 2.x settings, see codeigniter.com/userguide3/installation/… -
Alex over 5 yearsIf you define an
ENVIRONMENT
var in /index.php or with dotenv, you can do$config['cookie_secure'] = ENVIRONMENT === 'production';
-
Bonifacius Sarumpaet over 3 yearsYeah, this helps me. But can you explain further why is this happening? Thanks!
-
Abed Putra over 3 yearsquestion, is it secure?
-
Pankaj Shinde over 3 yearsRemoving the special characters like _ - | $ (and more) from the variable names has helped in resolving this issue