0

My Codeigniter sessions have been dying a-lot lately. So I went and had a look at my database and I saw that all the sessions have ip_address 0.0.0.0 and some have useragent 0

So I checked my $CI->input->ip_address() function and saw that it always returns 0.0.0.0 event thought $_SERVER['REMOTE_ADDR'] returns an IP address that is valid in $CI->input->valid_ip($ip).

Does this have anything to do with my sessions dying?

I also read that sessions tend to die when the user-data reaches 4K. It might be part of it as I give every page an ID in the session which is never removed. I think its not the issue because 90% of the activity is via 1 page and AJAXs (I already added an AJAX session fix).

EDIT: I am using CI version 2.1.4.

Cœur
  • 37,241
  • 25
  • 195
  • 267
Dvir Levy
  • 8,018
  • 11
  • 39
  • 60
  • What is your CI version? Have your CI system folder files been customized? You will have to go to `/system/core/input.php` and find `public function ip_address()` if you are looking to troubleshoot. – MonkeyZeus Nov 26 '13 at 15:11
  • Also, you mentioned the IPs in the DB are assigned 0.0.0.0 so one would think that you are not using the cookie-only route so the 4k limit does not apply to DB sessions. – MonkeyZeus Nov 26 '13 at 15:15
  • I am using CI version 2.1.4 and it hasn't been customized. The only addition to the core that I did is create a 'MY_Session.php' in-order to apply the AJAX session fix. – Dvir Levy Nov 26 '13 at 15:23
  • Out of curiosity I am interested in your AJAX session fix because I was not able to resolve the RACE condition issue 100% so I reverted back to using `$_SESSION`. I was making about 6 asynchronous calls at once though. – MonkeyZeus Nov 26 '13 at 15:28
  • http://stackoverflow.com/a/9233081/1056799 – Dvir Levy Nov 26 '13 at 15:33
  • Hmm, I did try that fix but it only reduced the frequency of my session issues. I'm honestly not too worried about it though because I found a size-able performance boost by getting away from DB sessions stored in MySQL. – MonkeyZeus Nov 26 '13 at 15:37
  • If you create a `test.php` controller and do not load the `session` library then do you still get 0.0.0.0 from CI's `ip_address()`? – MonkeyZeus Nov 26 '13 at 15:38
  • I need the DB in-order to control users in the system (Kick, push message etc...). and I get 0.0.0.0 even if the sessions library isn't loaded :\ – Dvir Levy Nov 26 '13 at 15:43
  • Oh sorry, I wasn't implying that you should switch but rather just pointing out my failure lol. Have you taken a look at the `/system/core/input.php` file yet? – MonkeyZeus Nov 26 '13 at 15:46
  • Yes, since i didnt setup any proxy it comes down to this: `$this->ip_address = $this->server('remote_addr');`. When I tested `$this->input->server('remote_addr');` the strangest thing happened, first load it gave me an IP. The same IP as `$_SERVER['REMOTE_ADDR'];`, and when i reloaded it stopped returning an IP. not sure what to make of that... – Dvir Levy Nov 26 '13 at 16:01
  • let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/41977/discussion-between-dvir-levy-and-monkeyzeus) – Dvir Levy Nov 26 '13 at 16:03
  • did you check that one http://stackoverflow.com/questions/14491043/retrieve-real-ip-of-user-using-codeigniter – Suvash sarker Nov 26 '13 at 16:04
  • @shuvo that gave me Message: Undefined index: HTTP_X_FORWARDED_FOR :\ – Dvir Levy Nov 26 '13 at 16:16

2 Answers2

1

input->ip_address() is defined incorrectly in system/core/input.php. 
On line 351 change it to $this->ip_address = $this->server('REMOTE_ADDR');

AbcAeffchen
  • 14,400
  • 15
  • 47
  • 66
George W
  • 61
  • 1
  • 4
0

So, Im not sure how it happened, but apparently the var "REMOTE_ADDR" was coming in lowercase and should be uppercase. So adding strtoupper() to input->server() on the var $index fixed my problem for now....

Very strange issue...

Dvir Levy
  • 8,018
  • 11
  • 39
  • 60