Session lost after redirect in Codeigniter

Question

I'm using codeigniter as a framework.

Firstly, I use localhost but when I change to my IP address the login function doesn't work anymore. I found that the session is lost after redirect to another controller.

Here is the result of print_r($this->session->all_userdata());

[session_id] => 7b00fa0f8790f48d24446f9eb4e6aab2 
[ip_address] => 10.42.68.71 
[user_agent] => Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.83 Safari/537.1
[last_activity] => 1285962398 
[user_data] =>

As you can see it doesn't have any data passed to user_data but it was set before redirect when I test.

I separate the controller to two which the first one is users -> handler of login function and another is planner which handler of the link that I redirect from users controller.

users.php (first controller):

$this->load->model('users_model');
$this->load->model('mymodel');
$this->load->database();

$email = $this->input->post('email');

$pass = $this->input->post('password');

$type = $this->input->post('type');

// Authenticate the user
$userdata = $this->users_model->auth_user($email,$pass,$type);

if($userdata)
{
    $data = array('FIRSTNAME' => $userdata->FIRSTNAME, 
                  'LASTNAME' => $userdata->LASTNAME, 
                  'EMAIL' => $userdata->EMAIL,
                  'LOGIN' =>TRUE, 'TYPE' => $type);
    $this->session->set_userdata($data);
    redirect('planner/view_system','refresh');
}

planner.php (second controller):

function __construct() {
    parent::__construct();

    if ( ! ($this->session->userdata('LOGIN')))
    { 
        print_r (var_dump($this->session->userdata('FIRSTNAME')));
        print_r($this->session->all_userdata());
    }
    $this->load->helper(array('form','html','url'));

And here is my config

$config['sess_cookie_name']     = 'ci_session';
$config['sess_expiration']      = 7200;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie']  = FALSE;
$config['sess_use_database']    = FALSE;
$config['sess_table_name']      = 'ci_sessions';
$config['sess_match_ip']        = TRUE;
$config['sess_match_useragent'] = FALSE;
$config['sess_time_to_update']  = 300;

Answer 1

I have the exact same problem and here's what I do. First, go to file system/libraries/Session/Session.php. Comment session_start(); on line 140. On function _configure, comment few lines under // Security is king

//      ini_set('session.use_trans_sid', 0);
//      ini_set('session.use_strict_mode', 1);
//      ini_set('session.use_cookies', 1);
//      ini_set('session.use_only_cookies', 1);
//      ini_set('session.hash_function', 1);
//      ini_set('session.hash_bits_per_character', 4);

Second, go to file index.php on your root project. Put, session_start(); below <?php

Hope this helps.

Answer 2

First, you must make sure that there are no special characters in the session items like '\n' or '\v'. Those characters may lead your string to break in the middle. Try trim() for help.

If that's no use, maybe it's some encoding problem. Try to encrypt the session item before you set it, and decrypt it when you need to use it.

Answer 3

I solved this problem by configuring the $config['cookie_domain'] to localhost

$config['cookie_domain']    = "localhost";

i initially had that variable set to fully qualified domain name such as www.exampledomain.com but meanwhile i was using a local server.

The domain that your script is running under should be the same as the domain set under $config['cookie_domain] to avoid unexpected failure with codeigniter session class.

Answer 4

I am have similar problem, and it turned that problem is very the commonplace ...

root of the evil of my problems were the names containing the character "_"

example, before was

$this->session->set_flashdata('message_success', 'some message');

after became

$this->session->set_flashdata('messagesuccess', 'some message');

My problem solved Thanks man with this resource http://biostall.com/losing-codeigniter-sessions/

Answer 5

I had the same issue, in my case that was insufficient permissions for sessions folder. Please check php.ini for session.save_path and config.php for $config['sess_save_path'] and make sure the folder has 777 or 757 set as permissions.

Answer 6

In my case, after some tests (with https and http in localhost) the error comes for that issue and not having properly set the $config['cookie_secure'], so you can try changing in config.php:

$config['cookie_secure']    = FALSE; // if is not under https, or true if you use https

Cheers!

Answer 7

From my experience, the problems can be:

1. one (or more) of your files ain't 'UTF-8 with BOM' (if your website won't be only English and use UTF-8 as encoding like mine). You must change all the files to 'UTF-8 with BOM'. Notepad++ will help.
2. there are some characters before php tag or after ?> (better take ?> out). Please be sure there are no any characters include space.
3. When call localhost/xxxxxx as the address, change it to 127.0.0.1/xxxxxx or your LAN IP
4. I always store sessions in DB instead of file (easier for debuging).

Answer 8

Same issue with me.

Please check have you load session library in controller.

$this->load->library('session');

Answer 9

Please check your links and make sure they are written correctly. When writing absolute URLs, make sure you add the 'www' part. This was the problem in my case. I hope this helps someone.

---

Good: header("Location: http://www.yourdomain.com/controller/page");

---

Bad (breaks your session): header("Location: http://yourdomain.com/controller/page");

Answer 10

I was shocked at first when I encountered this problem. It happened to me because my session data had an @ sign.

The solution is to simply encode the data using base64_encode.

Eg:

$Data = urlencode(  base64_encode($Email) );
$this->session->set_userdata('Data', $Data);

And to reuse it, simply do this:

$Data = base64_decode( urldecode( $this->session->userdata('Data') ) );

Hope this helps.

NEW FINDING: This problem still persists on some browsers and devices. So this is not really a solution anymore. For example, it works on Samsung Android, MicroMAX Android but not on Huawei Android.

Answer 11

You should add one thing to your autoload.php file.

$autoload['libraries'] = array('database','session');

this will solve your session re-direction problem

Answer 12

It's too late but i was facing same problem luckily i solve this problem by change little bit on configurations as below.

$config['sess_cookie_name']     = 'ci_session';
$config['sess_expiration']      = 7200;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie']  = TRUE; // change this
$config['sess_use_database']    = FALSE;
$config['sess_table_name']      = 'ci_sessions';
$config['sess_match_ip']        = TRUE; // change this
$config['sess_match_useragent'] = TRUE; // change this
$config['sess_time_to_update']  = 300;

Hope this would work for you too.

Answer 13

Session lost after redirect in Codeigniter

I found the problem too.

You still met the problem. Please notice the session’s direction of the codeigniter. When your browser visited your website and refresh a few time, the codeigniter generated more session files under the session direction of the codeigniter.

You remand load library session on your controller file.

Please refer the following config.php setting.

When you change the about setting, please remove or clear all offline data of your browser and all sessions file of the codeigniter. Then you try to do again. It is maybe repair the problem.

If you can't still repair the problem. You can download the codeigniter package from codeigniter.org again and then extract the package for testing environment.