Is there any known bug in the session library of C

Posted 2019-03-19 07:02

I'm working on a website which is created with CodeIgniter 2.1.0.

I've noticed that sometimes when I reload a page a couple of times, or open a couple of pages very fast, or when I have an error in the code (these errors are not related to sessions), I get logged out.

This website is using a library called Ion_auth and for identifications:

public function logged_in()
{
  $identity = $this->ci->config->item('identity', 'ion_auth');
  return (bool) $this->ci->session->userdata($identity);
}

Is there a bug or something that I should know about?

$config['sess_cookie_name'] = 'cisession';
$config['sess_expiration'] = 7200;
$config['sess_expire_on_close'] = TRUE;
$config['sess_encrypt_cookie'] = FALSE;
$config['sess_use_database'] = TRUE;
$config['sess_table_name'] = 'cisession';
$config['sess_match_ip'] = FALSE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update'] = 300;

On this website, sessions get updated almost on every page.

2 Answers
Viruses.
#2 · 2019-03-19 07:11

Here is what I found:

There is a bug in the session library of CodeIgniter which destroys the session with rapid requests.

Here you can find more about this bug:

https://github.com/EllisLab/CodeIgniter/issues/154

This bug still exists in the latest stable version which is 2.1.3.

I've fixed this by replacing my session library with the one from CI3-DEV from GitHub:

https://github.com/EllisLab/CodeIgniter/blob/b211adee89f5fd2192051e9c0826146bd150f469/system/libraries/Session.php

And putting a long sess_expiration and sess_time_to_update in my configuration ... mine are 86400 and 86500.

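Added example, not part of the answer above and not CodeIgniter's code: a minimal in-memory model of how rotating a session ID can log out a second request that was sent with the same cookie. It assumes the rapid-request bug is this rotation race; `SessionStore`, `rapidRequests` and the grace window are hypothetical names and one possible mitigation, and 300 is the `sess_time_to_update` value from the question.

```php
<?php
// Added illustration, not CodeIgniter code: all names here are hypothetical. Requires PHP 8+.
// In-memory model of a DB-backed session table that rotates the session ID.
final class SessionStore
{
    private array $rows = [];     // current ID => ['data' => array, 'rotated_at' => int]
    private array $retired = [];  // previous ID => ['new_id' => string, 'until' => int]

    public function __construct(private int $timeToUpdate, private int $grace = 0) {}

    public function create(array $data, int $now): string
    {
        $id = bin2hex(random_bytes(16));
        $this->rows[$id] = ['data' => $data, 'rotated_at' => $now];
        return $id;
    }

    // One request carrying cookie $id. Returns the ID to send back, or null (logged out).
    public function handle(string $id, int $now): ?string
    {
        if (!isset($this->rows[$id])) {
            $old = $this->retired[$id] ?? null;
            if ($old === null || $now > $old['until']) {
                return null;                 // unknown ID: no session, user is logged out
            }
            return $old['new_id'];           // in-flight request that still carried the previous ID
        }
        if ($now - $this->rows[$id]['rotated_at'] < $this->timeToUpdate) {
            return $id;                      // too early to rotate
        }
        $newId = bin2hex(random_bytes(16));  // rotate: the row moves to a fresh ID
        $this->rows[$newId] = ['data' => $this->rows[$id]['data'], 'rotated_at' => $now];
        unset($this->rows[$id]);
        if ($this->grace > 0) {
            $this->retired[$id] = ['new_id' => $newId, 'until' => $now + $this->grace];
        }
        return $newId;
    }
}

// Constructed scenario: two requests leave the browser with the same cookie value.
function rapidRequests(int $grace): array
{
    $store  = new SessionStore(300, $grace);  // 300 = sess_time_to_update from the question
    $cookie = $store->create(['identity' => 'user@example.test'], 0);
    return [$store->handle($cookie, 301) !== null, $store->handle($cookie, 301) !== null];
}

var_dump(rapidRequests(0), rapidRequests(5));
```

With no grace window the second request is treated as logged out; with a 5-second window both requests keep the session. The window also keeps a captured previous ID usable for that long, so it should stay short.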
太酷不给撩
#3 · 2019-03-19 07:33

CodeIgniter saves session data in cookies. If session data has any special character which unsets the cookie, the session is also destroyed.

It also creates a few more problems with the size limit. A cookie can save a limited size of data depending upon the browser. If you try to store more data in a CodeIgniter session, and as CodeIgniter tries to save it in a cookie, it may not save more than that limit.

Also, as the cookie is sent over the network, it unnecessarily adds traffic on the network. All session data should not be saved in a cookie.

It's better to use a native session library. It uses PHP's native session.

https://github.com/EllisLab/CodeIgniter/wiki/Native-session

or

https://github.com/EllisLab/CodeIgniter/wiki/PHPSession

You can compare both.

Please refer to the CodeIgniter session documentation for how CodeIgniter stores session data.

https://www.codeigniter.com/user_guide/libraries/sessions.html
