Message: ini_set(): A session is active. You cannot change the session module's ini settings at this time

14
votes

I created a login page with codeigniter,but i get the php message.

Message: ini_set(): A session is active. You cannot change the session module's ini settings at this time

how to fix this?

view (login.php)

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Admin Login</title>
<link rel="stylesheet" href="../css/normalize.css">
<link rel="stylesheet" href="../css/admin-style.css">
</head>
<body>
    <?php echo form_open('Verify_login', ['id'=>'loginForm', 'name'=>'loginForm', 'method'=>'post']) ?>
    <div class="login">
        <div class="log-box">
            <h3>Login</h3>
            <div >
                  <input id="username" name="username" placeholder="User Name" value="" type="text" >
                <?php echo form_error('username'); ?>
                <input id="Password" name="password" placeholder="Password" required type="password">
                <?php echo form_error('password'); ?>
                <div class="remember-me">
                    <input id="checkBox" type="checkbox">
                    <label for="checkBox">Remember Me</label>
                </div>
                <button class="login-button" name="loginButton">Login</button>
            </div>
        </div>
    </div>
 </form>
</body>
</html>

controller (Verify_login.php)

<?php 
defined('BASEPATH') OR exit('No direct script access aloowed');

class Verify_login extends CI_Controller
{

public function __construct()
{
    parent::__construct();
    $this->load->model('User');
    $this->load->helper('url');
    $this->load->helper('security');
    $this->load->library('form_validation');
    $this->load->library('session');
}

public function index()
{
    $this->form_validation->set_rules('username', 'Username', 'trim|required');
    $this->form_validation->set_rules('password', 'Password', 'trim|required|callback_check_database');
    if ($this->form_validation->run() == FALSE) {
        // if validation failed load the view 
        $this->load->view('admin/login');
    }

    else{
        $this->check_database($username , $password);
        redirect('dashboard', 'refresh');
    }
}

public function check_database($password)
{
    $username = $this->input->post('username');

    //query tha database
    $result = $this->User->login($username, $password);

    if ($result) {
        $sess_array = [];
        foreach ($result as $row) {
            $sess_array = 
                [
                    'id'=>$row->id,
                    'username'=>$row->name
                ];
            $this->session->set_userdata('logged_in', $sess_array);
        }
        return TRUE;
    }
    else{

        $this->form_validation->set_message('check_database','invalid username and password');
    }
  }
 }
?>

controller(Admin.php)

session_start(); //need to call PHP's session object to access it though it
class Admin extends CI_Controller
{

public $data;
public function __construct()
{
    parent::__construct();
    $this->load->helper('url');

    $this->load->helper('form');
    $this->load->helper('url');
    $this->load->library('form_validation');
    $this->load->helper('security');

    //load user model
    $this->load->model('User');

}
public function index()
{
    // $this->load->view('admin/index');
    if ($this->session->userdata('logged_in')) {

        $session_data = $this->session->userdata('logged_in');
        $data['username'] = $session_data['name'];
        $this->load->view('admin/dashboard', $data);
    }
    else{

        //if no session redirect to login page 
        redirect('admin', 'refresh');
        // redirect('login');
    }
}

public function logout()
{
    $this->session->unset_userdata('logged_in');
    session_destroy();
    redirect('home', 'refresh');
}

model (User.php)

<?php

/** *user login claass which extends MY_Model * */

defined('BASEPATH') OR exit('no direct script allowed');

class User extends CI_Model
{
    protected $table = 'users';

    public function __construct()
    {
        $this->load->database();
    }

    public function login($username ,$password)
    {
        var_dump($username);
        var_dump($password);
        $this->db->select(['id', 'name', 'password']);
        $this->db->from($this->table);
        // $this->db->where('name', $username);
        // $this->db->where('password', $password);
        $this->db->limit(1);

        $query = $this->db->get();
        if ($query->num_rows() == 1) {
            return $query->result();
        }
        else{

            return false;
        }
    }
   }    
   ?>
7
phpcodeignitersessionapache2
Please provide some code or provide things you have tried. This message means you are trying to change the session modules settings after a session_startJesse
check phpinfo() to see if your config has session.auto_start set on?Linus
sure session.auto_start off.noushid p

7 Answers

17
votes

You don't need this line in admin.php

session_start(); //need to call PHP's session object to access it though it

When you load the session library, its constructor does this for you.

7
votes

The message means that you have started a session with session_start() in which further down in the code you are using ini_set() to manipulate the session module. If you are manipulating the session module, it should be done before a session is started and active.

2
votes

Message: ini_set(): A session is active. You cannot change the session module's ini settings at this time

I had same error message sometime ago , By default Code-igniter will write to file (C:\xampp\tmp) in my case. But I want it to write to database instead.

In your autoloader you might have had something like this: 

//:::::$autoload['libraries'] = array();
//'session', this mean start session ini_set()
$autoload['libraries'] = array('session', 'database');

By default setting in the config/config.php session configurartion look like this:

$config['sess_driver'] = 'files';
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 7200;
$config['sess_save_path'] = NULL;
$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 300;
$config['sess_regenerate_destroy'] = FALSE;

The documentation stated that to use database instead of file you should first create a table in application database.

CREATE TABLE IF NOT EXISTS `ci_sessions` (
        `id` varchar(128) NOT NULL,
        `ip_address` varchar(45) NOT NULL,
        `timestamp` int(10) unsigned DEFAULT 0 NOT NULL,
        `data` blob NOT NULL,
        KEY `ci_sessions_timestamp` (`timestamp`)
);

Go back to the config/config.php and change $config['sess_driver'] = 'files'; to $config['sess_driver'] = 'database';

Like so I thought everything should be fine but I got the error Message: ini_set(): A session is active. You cannot change the session module's ini settings at this time

My Solution was to first run the session_destroy();

Then change session name and table name

My config look like this : 

$config['sess_driver'] = 'database';
$config['sess_cookie_name'] = 'newname_session';
$config['sess_expiration'] = 72000;
$config['sess_save_path'] ='newname_sessions';
$config['sess_match_ip'] = TRUE;
$config['sess_time_to_update'] = 300;
$config['sess_regenerate_destroy'] = FALSE;

Save everything and after refresh the page all cleared, no error message showing

1
votes

This is really working for me

if (!isset($_SESSION)) {

// server should keep session data for AT LEAST 24 hour
ini_set('session.gc_maxlifetime', 60 * 60 * 24);

// each client should remember their session id for EXACTLY 24 hour
session_set_cookie_params(60 * 60 * 24);
session_start();
}

so you do start your session after calling ini_set and session_set_cookie_params etc

1
votes

This works for me:

if (!isset($_SESSION)) {
   // server should keep session data for AT LEAST 24 hour
   ini_set('session.gc_maxlifetime', 60 * 60 * 24);

   session_start();

   // each client should remember their session id for EXACTLY 24 hour
   session_set_cookie_params(60 * 60 * 24);
}
-1
votes

You can handle this issue by only running the command when it's needed like this:

if (!isset($_SESSION)
    && !headers_sent()
) {
    session_start();
}
-5
votes
  1. Go to file \system\libraries\Session\Session.
  2. Uncomment session_start() at line 143 and you are done.