I am being faced with a very weird bug in CodeIgniter 2.1.4 with sessions. I'm storing encrypted sessions into a database. The following configurations for sessions in the config.php are as follows:
$config['sess_cookie_name'] = 'club_session';
$config['sess_expiration'] = time()+(60*60*24); //expire in one day
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie'] = TRUE;
$config['sess_use_database'] = TRUE;
$config['sess_table_name'] = 'session';
$config['sess_match_ip'] = FALSE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update'] = 300;
I have set an encryption key within the config.php file as well.
When a member logs in successfully the follow session logic is carried out:
$session_data = array(
'member_login_state' => TRUE,
'memberID' => $memberID
);
$this->session->set_userdata($session_data); //set member
When a member logs out:
$session_data = array(
'member_login_state' => '',
'memberID' => ''
);
$this->session->unset_userdata($session_data); //unset member
I have extended the CI_Controller with the following method:
public function member_is_logged_in()
{
if ($this->session->userdata('member_login_state') == FALSE)
{
redirect('member'); //redirect to member login
}
}
Once a member is logged in each controller that serves authorized areas for a member is extended like below:
class Hub extends MY_Controller {
function __construct()
{
parent::__construct();
$this->member_is_logged_in(); // check member is logged in
}
//methods below.....
}
Now if i access any methods in these extended controllers when not logged in I will be redirected to the login page. When logged in I can be just navigating between a couple of different methods that output different views and I am automatically logged out and redirected back to the login page. This can happen anytime e.g. 1 minute, 2 minutes 10 minutes.
I am really stumped, any help would be appreciated
Thanks...
