Codeigniter duplicate session issue

2019-04-06 17:55发布

问题:

I have an application built with codeigniter using the sessions class and storing session data in a database. The problem is I'm getting extra session records in my database when my webpage loads a css file.

Up until recently I was running my application on a simple VPS host provided by rackspace. Database and Apache were both running on the same VPS. Recently however I've migrated my application to PHPFog to allow it to scale more easily. I didn't have this issue with my former hosting setup.

The row with the populated value for user_data is my original session. The other three blank sessions are the result of simply refreshing the page three times. I seem to have tracked it down to including a css file in my header, when I comment it out or delete it the issue goes away. It's only this particular css file also, other css/js/image files don't cause this issue.

Here is a link to the css file in question: http://pastebin.com/XfEBNFiC

Anyone know what could be causing this? Thanks!

UPDATE: I realized the html of the page in question might be helpful. Commenting out the stylesheet include on line 13 makes the issue go away. http://pastebin.com/iBEb4he6

UPDATE2:

$config['sess_cookie_name']     = 'ci_session';
$config['sess_expiration']      = 7200;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie']  = FALSE;
$config['sess_use_database']    = TRUE;
$config['sess_table_name']      = 'ci_sessions';
$config['sess_match_ip']        = FALSE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update']  = 300;

/*
|--------------------------------------------------------------------------
| Cookie Related Variables
|--------------------------------------------------------------------------
|
| 'cookie_prefix' = Set a prefix if you need to avoid collisions
| 'cookie_domain' = Set to .your-domain.com for site-wide cookies
| 'cookie_path'   =  Typically will be a forward slash
| 'cookie_secure' =  Cookies will only be set if a secure HTTPS connection exists.
|
*/

$config['cookie_domain']    = 'casey.phpfogapp.com'; //$base_url_parts['host'];
$config['cookie_path']      = '/';

$config['cookie_prefix']    = "";
$config['cookie_secure']    = FALSE;

回答1:

In my applications I place the following code into .htaccess for preventing a cookie to be sent with css/js/images requests:

#.htaccess

# Use Mod_deflate to compress static files
<ifmodule mod_deflate.c>
<filesmatch ".(js|css|ico|txt|htm|html|php)$">
SetOutputFilter DEFLATE
</filesmatch>
</ifmodule>

# Speed up caching
FileETag MTime Size

# Expires
ExpiresActive On
ExpiresDefault "access plus 366 days"

# Future Expires Headers
<filesmatch ".(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
Header set Expires "Sat, 27 Dec 2014 23:59:59 GMT"
</filesmatch>


回答2:

I had this issue before and the problem was that the CI cookie name cannot have dots in it.

bad cookie name: .domain.com

smooth criminal: mydomaincom

I was using the domain name with dots for the cookie name to enable domain wide cookies (share cookies from the main domain to all its subdomains), turns out I've found that the only thing I needed for that was:

$config['cookie_domain']    = ".domain.com";