I have recently updated form 2.2.x to 3.0.0 with following the update procedure from codeigniter's website.
I have having real issues with the new session library - heres the issue.
We have a login section which dependant on the subdomain and user/pass credentials will give you certain privileges from ADMIN / RESELLER / CLIENT / USER
In order to determine the correct privileges for the user we have built a customer LIBRARY (location:application/library) which we have called Session_management, this library DOES NOT extend the core SESSION driver/library and never has and has no extension to another class, this library is also auto-loaded, prior to CI 3.0.0 everything was working fine.
First this the Session_management does is __construct()
$this->CI =& get_instance();
$this->CI->load->model('users');
$this->CI->load->model('clients');
$this->CI->load->model('sessions');
$this->CI->load->driver('session');
$this->CI->load->library('password_hash');
$this->CI->load->helper('url');
$this->users = $this->CI->users;
$this->clients = $this->CI->clients;
$this->sessions = $this->CI->sessions;
$this->session = $this->CI->session;
$this->password_hash = $this->CI->password_hash;
Prior to CI 3.0.0 I has no issues in using the
$this->CI->load->library('session');
but for some unknown reason (to me) I HAVE to load it through the driver
$this->CI->load->diver('session');
if someone could explain why I am having to do it this way that would be great.
When a user submits their user/pass credentials a CONTROLLER session/signin is requested which runs firstly form validation, providing everything is successfully, the Session_management login method is called.
$success = $this->session_management->login
($this->input->post('email'), $this->input->post('password'));
In the LOGIN method in the Session_management class a bunch of sessions are set using
$this->session->set_userdata();
$this->session->set_userdata('user_id', 0);
$this->session->set_userdata('user_name', '');
$this->session->set_userdata('client_id', 0);
$this->session->set_userdata('client_administrator', 0);
$this->session->set_userdata('reseller_administrator', 0);
However when I var_dump() the session for all its session data it has NOTHING and I can't why this is, no session data is there except my protected fields form the config, which I have double checked and triple checked and are working fine, my sess_save_path is storing the session files correctly, and the rest of the sess configs are also correct.
$config['sess_driver'] = 'files';
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 7200;
$config['sess_save_path'] = '/Users/******/Sites/********/tmp';
$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 300;
$config['sess_regenerate_destroy'] = FALSE;
This is a development website on my local OS X iMac, as I say prior to CI 3.0.0 everything was working fine.
Just to add before I get reply's saying "you need to use"
$this->load->library('session');
I have "HAD" to load it as a driver, I don't have a choice, I have read the documentation and have seen how to initialise the session library.
If I do attempt to load it as a library
$this->load->library('session');
This is what I get
A PHP Error was encountered
Severity: Notice
Message: Undefined property: Session::$session
Filename: libraries/Session_management.php
Line Number: 38
For your ref: line 38 is:
$this->session = $this->CI->session;
This is after trying to load the session library
$this->CI->load->library('session');
Also to add to this message re: Database sessions / File session.
Database sessions were my first option, a have revamp the database columns and indexes to suit CI 3.0.0 as the documentation mentions and session were and are storing in the database table when I change my config to use the database, however reading the performance differences between File sessions against Database sessions under high load, File sessions will out perform database session and since the website / platform I am creating will be under high load, database sessions aren't the way forward.
As a note: The website runs under a subdomain.domain.*** structure where subdomain is registered as a company name upon a company registration i.e
mycompany.mywebsiteurl.com
anothercompany.mywebsiteurl.com
As previously mention - prior to my update to CI 3.0.0 it was working fine.
Might I also add: I have checked my log files, I am running tail -f for live log updates - and it don't see any log issues.
Any help, information or anything that could possible put me in the right direction would be appreciated.
I have also posted on the CI forum.
A fresh copy of CI 3.0.0 with necessary files and configs transferred across didn't solve my problem/issue.
What seems to be the whole cause of the problem was the fact I had a controller call Sesssion.php which is named the same as the Driver file.
When CI (Codeigniter) calls
$this->load->library('session')
there are a few checks done before CI knows that you want to actually load the CI_Session class ... class_exists('Session') returns TRUE and it stops there in order to avoid a fatal error.
Hope this helps others too.
Related
I have a codeigniter application where the session is set when a user logs in and is shown the user dashboard with somewhat like the code below:
public function checkLogin()
{
$username = $this->input->post("username");
$password = $this->input->post("password");
$userId = $this->ModelLogin->checkLogin($username, $password);
if ($userId) {
$session_data = array(
'is_logged_in' => true,
'userId' => $userId,
);
$this->session->set_userdata($session_data);
redirect("/user/dashboard");
} else {
$this->session->set_flashdata('login_error', "Incorrect username/password");
}
}
Now I am to fix a Session Fixation issue by regenerating the Session ID before authenticating the user. When I include the session_regenerate_id() or even the codeigniter specific $this->session->sess_regenerate() function, it works within this function but as soon as it is redirected to the /user/dashboard the session data gets blank.
I am adding the regenerate line just before the $this->session->set_userdata($session_data);. The above code works perfectly without the regenerate.
Additionally, I am using the database session driver. When I switch to the files driver, even the regenerate logic works perfectly. It's just something with the database driver (I feel) is causing this issue.
I fixed this after days of trial and error.
This was present in Codeigniter 3.0.x that too on PHP 7.x (which was what my application was running on)
After extensive search, I stumbled upon a Codeigniter changelog that mentioned a regression bug fix in some later versions (3.0.x) of Codeigniter and that's when I started scanning through the changes in the Codeigniter session library and the database driver where I found this snippet:
// PHP7 will reuse the same SessionHandler object after
// ID regeneration, so we need to explicitly set this to
// FALSE instead of relying on the default ...
$this->_row_exists = FALSE;
Just when I brought this only line change into my existing codeigniter system, the problem was solved instantly!
I am trying to access some of the functions within phpBB from my Laravel application, this is for actions such as adding a user when a registration happens on my main site and autologins.
PhpBB is installed under /public/forums and I have updated .htaccess to allow it. I am able to access and use it just fine.
I have a helper that was originally constructed for codeigniter but should translate in to the laravel world. I am loading it as a helper by putting it under app, loading it using
use App\Helpers\phpBBHelper;
and I access the functions as such
$ph = new phpBBHelper();
$ph->addPhpbb3User('dave','password','dave#dave.com');
At the top of my helper I have this constructor
public function __construct() {
// Set the variables scope
global $phpbb_root_path, $phpEx, $cache, $user, $db, $config, $template, $table_prefix;
define('IN_PHPBB', TRUE);
define('FORUM_ROOT_PATH', 'forum/');
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : FORUM_ROOT_PATH;
$phpEx = substr(strrchr(__FILE__, '.'), 1);
// Include needed files
include($phpbb_root_path . 'common.' . $phpEx);
// Initialize phpBB user session
$user->session_begin();
$auth->acl($user->data);
$user->setup();
// Save user data into $_user variable
$this->_user = $user;
}
When i execute the code I get a server 500 error
PHP Fatal error: Call to a member function getScriptName() on null in
/home/ubuntu/workspace/public/forum/phpbb/session.php on line 50
which is this line
$script_name = $request->escape($symfony_request->getScriptName(), true);
I have found a post on stack overflow that exactly refers to my issue but the resolution of that issue was never posted
Laravel conflicting
In that thread it was suggested that because both phpBB and Laravel both use composer it was causing a conflict when loading the classes. I am not sure if that is true.
But Laravel is certainly affecting phpBB when I call the $user->session_begin();.
I would suggest to not reinvent the wheel and use already coded extension like lara-auth-bridge. The registration is simply inserting the right rows in the right tables, not familiar with phpBB3 in particular, but you could see the changes in the database after a new account is created.
Edit: You can surround the problematic code in try {} catch {} block in case that the error is not fatal for the registration itself so the server will not end up with 500.
When two applications had to communicates, I updated the twice. PhpBB is written to be upgradable with extension. You can develop a phpBB extension which is an API to create a new user.
Your new extension uses XML-RPC over HTTP for all communications between your laravel app and the forum system. You define a route which receives informations about the new users and then you analyse the creation process in phpbb. This way is easier because you're inside the phpBB/symfony Framework.
In your laravel application, you have to call the API to start communications.
The error clearly indicates that the symfony_request object is null. By browsing the source code a bit, I found that that variable (and many others) are expected to exist globally.
It seems like you have to include the phpBB/app.php file. It creates most of the objects needed.
update:
Actually, you are including the common file which does most of the initial setup. Maybe just making a global
$symfony_request = $phpbb_container->get('symfony_request');
will work. (I can't test it myself now, just throwing ideas)
(If possible, though, I'd try another library. I don't like those globals. Nobody does. It makes tracing stuff and debugging harder, as this question shows)
To be able to get the session request, you have to be sure both the PhpBB forum and your Laravel application use the same kind of cookie :
Same domain
Same path
Same secure flag
Are these settings ok?
I recently created a new symfony application on the existing website. Then, in this new application, I want to read the session of old applications(something like login user id). Unfortunately, in each application, the session are completely separate(I mean the symfony session, something like $this->getUser()->getAttribute("userSession")).
I guess the symfony session is implemented using $_SESSION like:
$_SESSION = array("symfonyapp1" => array(....), "symfonyapp2" => array(....));
So I wrote $_SESSION["test"] = "testStr" in the old application and wrote var_dump($_SESSION["test"]);. The screen simply prints "null", so my guess is wrong.
Then I think maybe I can read the configuration of a certain application and then get the user of that application. So I wrote the following code in my new application:
require_once($_SERVER['DOCUMENT_ROOT'].'/../config/ProjectConfiguration.class.php');
$configuration = ProjectConfiguration::getApplicationConfiguration('frontend', 'prod', false);
$context = sfContext::createInstance($configuration);
var_dump($context->getUser()->getAttribute("userId"));
Unfortunately again, it prints "null".
I completely have no idea now. Any advice is greatly appreciated
Check session identifiers of your apps. Php's default session id is PHPSESSID and as far as I remember default session identifier for Symfony 1.4 apps is just symfony
You can change Symfony's session identifier by modyfing apps/YOUR_APP_NAME/config/factories.yml file, by setting:
all:
storage:
param:
session_name: PHPSESSID
By doing that your Symfony app will share the same session id as your old app and you will be able to read $_SESSION attributes in Symfony app
I having issues with Codeigniter sessions dying on IE randomly, I search everywhere and tried everything, the bug just wouldnt dissappear, i tried the function to check if ajax and wont sess_update() not working either, so my question is, what is the setback if I initialize the CI session every controller call? I have both native and CI sessions, but It would take me a few more days to change everything to Native sessions. its a temp fix.
class Transactions extends Controller {
function Transactions()
{
session_start();
parent::Controller();
$this->load->model('Modelcontracts');
$this->load->model('Modelsignup');
$this->load->model('Modeltransactions');
$this->session->set_userdata('account_id',$_SESSION['account_id']);
$this->session->set_userdata('email',$_SESSION['email']);
$this->session->set_userdata('account_type',$_SESSION['account_type']);
$this->session->set_userdata('parent_account_id',$_SESSION['parent_account_id']);
$this->session->set_userdata('accountrole_id',$_SESSION['accountrole_id']);
$this->session->set_userdata('user_type_id',$_SESSION['user_type_id']);
}
function index()
{
I never experience any problems with CodeIgniters sessions. Have you created the MySQL table for ci_sessions?
The setback is basicly that it's an unlogical call. If that doesn't matter, then I can't see any setbacks with it.
You could ease up the code like this though:
$arr = array('account_id', 'email', 'account_type', 'parent_account_id', 'accountrole_id', 'user_type_id');
foreach($arr as $h)
if (isset($_SESSION[$h]))
$this->session->set_userdata($h, $_SESSION[$h]);
// else echo "Session [{$h}] doesn't exist!";
Or extend your session library to do a
foreach(array_keys($_SESSION) as $h)
$this->CI->session->set_userdata($h, $_SESSION[$h]);
When loaded.
I don't think you should be using session_start() if you're having CodeIgniter manage your sessions (which you are if you're using CodeIgniter's set_userdata() / get_userdata() functions).
It says right at the top of the CI user docs that CI doesn't use PHP's native session handling, so this may be causing you trouble. The session is started automatically by loading the session library, either automatically if you put it in the config file or explicitly with $this->load->library('session');.
http://codeigniter.com/user_guide/libraries/sessions.html
-Gus
Edit: I came across a CI forum post regarding IE/CI session issues. Apparently it's a well-known issue. http://codeigniter.com/forums/viewthread/211955/
I'm working on a Zend project where I need to include another project, which isn't using ZF. This other project is stored in the public directory in the folder of the zend project.
For this other project I need the logindata from the zend project (zend auth is used for this). There are 2 ways to accomplish this i think.
Just get the stored login sessionvariable. But where/what variable?
Or try to get the data with zend methodes in the other project. But how? Without changing the structure of this other project.
Or maybe (probably) there's an other/better solution?!
Hope it's clear.
Tnx
$authNamespace = new Zend_Session_Namespace('Zend_Auth');
$authNamespace->user = "myusername";
Just include pathToZendProjectDirectory\Zend\Session.php from your 'nonzend` project
The login data is in SESSION variable. But we can't access the session data directly outside the project, because the SESSION contain some Zend objects. When we start the session it race an error __PHP_Incomplete_Class has no unserializer.
To over come this add the code in starting of the page.
function __autoload($class) { // required files load automatically
require_once "pathToZendProjectDirectory/PathToZendLibrary/$class.php";
}