Session lost after redirect in Codeigniter

21
votes

I'm using codeigniter as a framework.

Firstly, I use localhost but when I change to my IP address the login function doesn't work anymore. I found that the session is lost after redirect to another controller.

Here is the result of print_r($this->session->all_userdata());

[session_id] => 7b00fa0f8790f48d24446f9eb4e6aab2 
[ip_address] => 10.42.68.71 
[user_agent] => Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.83 Safari/537.1
[last_activity] => 1285962398 
[user_data] =>

As you can see it doesn't have any data passed to user_data but it was set before redirect when I test.

I separate the controller to two which the first one is users -> handler of login function and another is planner which handler of the link that I redirect from users controller.

users.php (first controller):

$this->load->model('users_model');
$this->load->model('mymodel');
$this->load->database();

$email = $this->input->post('email');

$pass = $this->input->post('password');

$type = $this->input->post('type');

// Authenticate the user
$userdata = $this->users_model->auth_user($email,$pass,$type);

if($userdata)
{
    $data = array('FIRSTNAME' => $userdata->FIRSTNAME, 
                  'LASTNAME' => $userdata->LASTNAME, 
                  'EMAIL' => $userdata->EMAIL,
                  'LOGIN' =>TRUE, 'TYPE' => $type);
    $this->session->set_userdata($data);
    redirect('planner/view_system','refresh');
}

planner.php (second controller):

function __construct() {
    parent::__construct();

    if ( ! ($this->session->userdata('LOGIN')))
    { 
        print_r (var_dump($this->session->userdata('FIRSTNAME')));
        print_r($this->session->all_userdata());
    }
    $this->load->helper(array('form','html','url'));

And here is my config

$config['sess_cookie_name']     = 'ci_session';
$config['sess_expiration']      = 7200;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie']  = FALSE;
$config['sess_use_database']    = FALSE;
$config['sess_table_name']      = 'ci_sessions';
$config['sess_match_ip']        = TRUE;
$config['sess_match_useragent'] = FALSE;
$config['sess_time_to_update']  = 300;
13
phpcodeignitersessionredirect
does this occur on all browsers? have you tried accessing session values from other functions then constructor?? Is there an error or notice in your error log?Umair Khan
i'm not sure whether this will help, but try changing sess_use_database to true?He Hui
Yes this happen to all browsers. I didn't access value from other function, I directly redirect to the planner. There are no error.Zatanna
@HeHui It doesn't work as I didn't create the database for it and I don't want to save it in my database.Zatanna
i cant really help you here then. the only time i had my sessions disappearing for no reason is when i have multiple sites running on the same server. and I had the same session_cookie_name.He Hui

13 Answers

4
votes

I have the exact same problem and here's what I do. First, go to file system/libraries/Session/Session.php. Comment session_start(); on line 140. On function _configure, comment few lines under // Security is king

//      ini_set('session.use_trans_sid', 0);
//      ini_set('session.use_strict_mode', 1);
//      ini_set('session.use_cookies', 1);
//      ini_set('session.use_only_cookies', 1);
//      ini_set('session.hash_function', 1);
//      ini_set('session.hash_bits_per_character', 4);

Second, go to file index.php on your root project. Put, session_start(); below <?php

Hope this helps.

2
votes

First, you must make sure that there are no special characters in the session items like '\n' or '\v'. Those characters may lead your string to break in the middle. Try trim() for help.

If that's no use, maybe it's some encoding problem. Try to encrypt the session item before you set it, and decrypt it when you need to use it.

2
votes

I solved this problem by configuring the $config['cookie_domain'] to localhost

$config['cookie_domain']    = "localhost";

i initially had that variable set to fully qualified domain name such as www.exampledomain.com but meanwhile i was using a local server.

The domain that your script is running under should be the same as the domain set under $config['cookie_domain] to avoid unexpected failure with codeigniter session class.

2
votes

I am have similar problem, and it turned that problem is very the commonplace ...

root of the evil of my problems were the names containing the character "_"

example, before was 

$this->session->set_flashdata('message_success', 'some message');

after became

$this->session->set_flashdata('messagesuccess', 'some message');

My problem solved Thanks man with this resource http://biostall.com/losing-codeigniter-sessions/

0
votes

In my case, after some tests (with https and http in localhost) the error comes for that issue and not having properly set the $config['cookie_secure'], so you can try changing in config.php:

$config['cookie_secure']    = FALSE; // if is not under https, or true if you use https

Cheers!

0
votes

From my experience, the problems can be:

  1. one (or more) of your files ain't 'UTF-8 with BOM' (if your website won't be only English and use UTF-8 as encoding like mine). You must change all the files to 'UTF-8 with BOM'. Notepad++ will help.
  2. there are some characters before php tag or after ?> (better take ?> out). Please be sure there are no any characters include space.
  3. When call localhost/xxxxxx as the address, change it to 127.0.0.1/xxxxxx or your LAN IP
  4. I always store sessions in DB instead of file (easier for debuging).
0
votes

Same issue with me.

Please check have you load session library in controller.

$this->load->library('session');
0
votes

Please check your links and make sure they are written correctly. When writing absolute URLs, make sure you add the 'www' part. This was the problem in my case. I hope this helps someone.

Good: header("Location: http://www.yourdomain.com/controller/page");

Bad (breaks your session): header("Location: http://yourdomain.com/controller/page");

0
votes

You should add one thing to your autoload.php file.

$autoload['libraries'] = array('database','session');

this will solve your session re-direction problem

0
votes

It's too late but i was facing same problem luckily i solve this problem by change little bit on configurations as below.

$config['sess_cookie_name']     = 'ci_session';
$config['sess_expiration']      = 7200;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie']  = TRUE; // change this
$config['sess_use_database']    = FALSE;
$config['sess_table_name']      = 'ci_sessions';
$config['sess_match_ip']        = TRUE; // change this
$config['sess_match_useragent'] = TRUE; // change this
$config['sess_time_to_update']  = 300;

Hope this would work for you too.

0
votes

I was shocked at first when I encountered this problem. It happened to me because my session data had an @ sign.

The solution is to simply encode the data using base64_encode.

Eg: 

$Data = urlencode(  base64_encode($Email) );
$this->session->set_userdata('Data', $Data);

And to reuse it, simply do this:

$Data = base64_decode( urldecode( $this->session->userdata('Data') ) );

Hope this helps.

NEW FINDING: This problem still persists on some browsers and devices. So this is not really a solution anymore. For example, it works on Samsung Android, MicroMAX Android but not on Huawei Android.

0
votes

I had the same issue, in my case that was insufficient permissions for sessions folder. Please check php.ini for session.save_path and config.php for $config['sess_save_path'] and make sure the folder has 777 or 757 set as permissions.

-1
votes

Session lost after redirect in Codeigniter

I found the problem too.

You still met the problem. Please notice the session’s direction of the codeigniter. When your browser visited your website and refresh a few time, the codeigniter generated more session files under the session direction of the codeigniter.

You remand load library session on your controller file.

Please refer the following config.php setting.

enter image description here

When you change the about setting, please remove or clear all offline data of your browser and all sessions file of the codeigniter. Then you try to do again. It is maybe repair the problem.

If you can't still repair the problem. You can download the codeigniter package from codeigniter.org again and then extract the package for testing environment.