PHP Session does not work properly [Edited:code attached]

Question

Edited:

I am too sad that this question was downvoted, I was stuned by this for many hours.I wish there are a lovely alchemist who can make me back from debuff condition.

I am using codeigniter,I think the problem is when the new session (the session with flash message) is set, the session id (as a cookie) does not send to client, so after redirect to other pages, a fresh new session is created.

There is a problem in my log out function. The logic is simply click "log out", redirect to index page with a flash message--You have been log out.

After inspect， I found these things：the old session is clear with no problems, the new session is created before redirection, the new session do has flash message. Then the strange things comes, when redirected to index, a fresh newer session is created. But, If I do not run redirection after adding flash message, and click browser's refresh, then go to index manually, the session with flash message will be there and displayed perfectly.

I also found before redirection or refresh browser, though the session is recreated, there is no session id in my cookies. The refresh action sends session id to my cookies.

I hope I made the question clear. Thank you.

//auth controller    
public function logout()
{
    $this->my_auth_lib->logout();
    $this->session->set_flashdata('alert','You have been logged out!');
    redirect('index');
}

//my_auth_lib 
public function logout()
{
    return $this->session->sess_destroy();
}

// session library sess_destory method
public function sess_destroy()
{
    // get session name.
    $name = session_name();
    if (isset($_COOKIE[$name])) {
        // Clear session cookie
        $params = session_get_cookie_params();
        setcookie($name, '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
        unset($_COOKIE[$name]);
    }

    $this->sess_create();
}

//session library sess_create method
    public function sess_create()
{
    $_SESSION[$this->sess_namespace] = array(
        'session_id' => md5(microtime()),
        'last_activity' => time()
    );

    // Set matching values as required
    if ($this->_config['sess_match_ip'] === true) {
        // Store user IP address
        $_SESSION[$this->sess_namespace]['ip_address'] = $this->ci->input->ip_address();
    }

    if ($this->_config['sess_match_useragent'] === true) {
        // Store user agent string
        $_SESSION[$this->sess_namespace]['user_agent'] = trim(substr($this->ci->input->user_agent(), 0, 50));
    }

    $this->store = $_SESSION[$this->sess_namespace];
}

pass flash message in the GET upon redirection instead, like this: `header("location:index.php?flash=You+have+been+signed+out");` — Saqib Amin, Jan 23 '16 at 13:32

score 0 · Answer 1 · edited May 23 '17 at 12:23

0

Try putting an

exit;

statement in the line right after the redirect

Got the idea from here

PHP: session isn't saving before header redirect

edited May 23 '17 at 12:23

Community

1
1

answered Jan 23 '16 at 14:12

0kay

433
4
7

PHP Session does not work properly [Edited:code attached]

1 Answers1