I am using codeigniter version 3.0.6 on PHP 5.6 and it works fine. but when I run same project on PHP 7.1 , codeigniter session is not working. I set session like below
$login_session = $this->session->set_userdata("user_session",$session_data);
when I print $login_session it is blank on PHP 7
Recently I've faced the same problem by upgrading my php version from 5.6 to 7.1 My development environment is XAMPP (Apache + MariaDB) using php7.1.4
Please follow the below steps:
1) Go to system/libraries/Session/Session.php
2) Comment session_start() by adding //.
3) Go down to line around 312-315 where it says Security is king, and comment out the following lines:
ini_set('session.use_trans_sid', 0);
ini_set('session.use_strict_mode', 1);
ini_set('session.use_cookies', 1);
ini_set('session.use_only_cookies', 1);
ini_set('session.hash_function', 1);
ini_set('session.hash_bits_per_character', 4);
4) Then go to your main index.php ( the root index.php )
5) Add session_start() at the top once.
It works for me.
I managed to get over this by following these step.
1) Go to system/libraries/Session/Session.php
2) Search for session_start() Comment session_start() by adding //.
3) Go down to line around 312 (or search Security is king) and comment out all ini_set()
ini_set('session.use_trans_sid', 0);
ini_set('session.use_strict_mode', 1);
ini_set('session.use_cookies', 1);
ini_set('session.use_only_cookies', 1);
ini_set('session.hash_function', 1);
ini_set('session.hash_bits_per_character', 4);
4) Then go to your main index.php ( the root index.php )
5) Add session_start() at the top.
6) Below session_start() add following lines commented in Session.php
ini_set('session.use_trans_sid', 0);
ini_set('session.use_strict_mode', 1);
ini_set('session.use_cookies', 1);
ini_set('session.use_only_cookies', 1);
ini_set('session.hash_function', 1);
ini_set('session.hash_bits_per_character', 4);
That's it.
Session id is different in php 7.1 and not pass the regex checking.
A simple fix: In system/libraries/Session/Session.php arround line 133
OR ! preg_match('/^[0-9a-f]{40}$/', $_COOKIE[$this->_config['cookie_name']])
remove '{40}$'
OR ! preg_match('/^[0-9a-f]/', $_COOKIE[$this->_config['cookie_name']])
The problem is that the session id is deleted from cookie because the regex mismatch. So the session id always renew.
This can fix the regular expression and prevent it run the line "unset($_COOKIE[$this->_config['cookie_name']]);"
It totally works for me !
FYI. Find this after I fix it myself. https://github.com/bcit-ci/CodeIgniter/issues/4830
I found that the issue is with some earlier version of Codeigniter 3 and this is a bug already reported in their website. The bug has been fixed and in the latest version of Codeigniter 3 this issue doesn't happen.
If you are already in a faulty version cogeinter consider replacing system folder with latest version's one.
Found this answer here
Make sure you have set the session save path
$config['sess_driver'] = 'files';
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 7200;
$config['sess_save_path'] = APPPATH . 'cache/session/';
$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 300;
$config['sess_regenerate_destroy'] = FALSE;
Set the folder permission 0700
Autoload session if you want
$autoload['libraries'] = array('session');
How to set the session
$session = array('islogged' => true, 'user_id' => '1');
$this->session->set_userdata($session);
Get the user data one set examples
echo $this->session->userdata('user_id');
if (!$this->session->userdata('islogged')) {
redirect('logout');
}
I propose the following steps:
This solves the problem seamlessly, it saves you time as well as the potential risk of messing your app up.
Upgrade Codeigniter to latest version. Issue will resolved.
The problem is from your PHP version, PHP 7.1 is not really stable, and has a lot of issues with sessions. Change your PHP version to 7.0 and sessions will automatically start working.
