CodeIgniter destroying my session without

Question

So, my current task involves a site where people can sign in, and view a series of training videos on a particular topic. I developed this within CodeIgniter. The only trouble is that once I have them log in, and I create a session, that session seems to mysteriously disappear after a few minutes, and they're mysteriously bounced back to the login page (which is what happens if someone is on the training video page without being signed in. This is the block of code in my config.php page:

$config['sess_cookie_name'] = 'cc_session';
$config['sess_expiration']  = 0;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie']  = FALSE;
$config['sess_use_database']    = TRUE;
$config['sess_table_name']  = 'cc_sessions';
$config['sess_match_ip']    = TRUE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update']  = 3000000;

Why is sess_time_to_update set so high? At first, I thought that was the culprit, updating the session after 5 minutes. I have set the session to record to a database, and all that good stuff. Please, ask me questions, and help me get to the bottom of this!

I should point out that I have an iFrame that is on the course page that is sending a "ping" back to a server this way...

 <iframe id="timerAddEnd" style="display:none;" src="http://www.example.com/course/finish/<?=$course->intKey?>/ping" >
 </iframe>
 <script type="text/javascript">
      var auto_refresh = setInterval( function () 
      { 
           var iframe = document.getElementById('timerAddEnd'); 
           iframe.src = iframe.src; 
      }, 60000); 
      // refresh every minute 
 </script> 

Could THIS be the culprit? I was hoping this would be a quick and dirty fix to the initial problem.

Answer 1

I had the same problem with session data getting "randomly" destroyed in CodeIgniter and I spent alot of time finding out what was wrong. Now I think i found MY problem, and it seemed as the $this->session->set_flashdata was the culprit.

I noticed that I got logged out on pages where this were used. I also noticed that if you do:

$this->session->set_flashdata('thisItem', 'value');

and later on the same page have the same variable again:

$this->session->set_flashdata('thisItem', 'new value');

then it will destroy the session data every time. Now I removed all the set_flashdata from my site, I havent been logged out since.. hoping this was my problem. When I have the time I will try to rewrite my flashing system to maybe something like if (!isset('thisItem)) { set it; } and stuff like this to prevent it from happening again, because I really want the flash messages.

Answer 2

Well, this may not be a full "answer" per se, but I did come up with a workaround of sorts.

I knew that the problem involved CodeIgniter handling sessions with... how do I put it... stuff running in the background. Originally I was using a CI page within the iFrame. Those "pings" back to the system were what was causing the lockout. So, I now use a regular, flat ol' PHP page within the iFrame. It connects to the database, but doesn't go through CI to do it. I get my "pings" to the table in question, but I don't break the session.

Answer 3

Are you using Firefox and Firebug with extensions (like FirePHP) installed? Because if you are having such a setup, when you open/close the Firebug console, the user-agent string changes, and your session is no longer recognized by CI.

My workaround was to disable FirePHP. Try checking your user-agent string and see if you have something extra besides the default browser user-agent. You should be able to identify it easily. if there is one.