4

I am using Tank Auth for user management in my CI 1.7.3 App. Everything is working fine but I'm trying to set a flash_message to be displayed when the user logs out. The problem is the $this->tank_auth->logout(); function destroys the session. I have modified the logout function in the Tank Auth library to look like:

    function logout()   {
        $this->delete_autologin();

        // See http://codeigniter.com/forums/viewreply/662369/ as the reason for the next line
        $user_session_data = array('user_id' => '', 'username' => '', 'status' => '');
        $this->ci->session->set_userdata($user_session_data);
        $this->ci->session->unset_userdata($user_session_data);
    }

It was previously 

function logout()
        {
            $this->delete_autologin();

            // See http://codeigniter.com/forums/viewreply/662369/ as the reason for the next line
            $this->ci->session->set_userdata(array('user_id' => '', 'username' => '', 'status' => ''));

            $this->ci->session->sess_destroy();
        }

In My controller I have

function logout(){
    if ($this->tank_auth->is_logged_in()) { // logged in
        $this->session->set_flashdata('status_message', $this->lang->line('auth_message_logged_out'));
        $this->tank_auth->logout();

        redirect('');           

    }

}

If I remove the $this->tank_auth->logout(); function the message shows fine. I'm sure it's a simple session problem

Vivin Paliath
  • 94,126
  • 40
  • 223
  • 295
Brooke.
  • 3,691
  • 13
  • 49
  • 80

3 Answers3

7

If you try to set flashdata while using a database in the same request after you call sess_destroy(), it won't work (because there is no session to append the flashdata to).

To fix this problem, add $this->ci->session->sess_create(); after the call to sess_destroy(). This works because you're re-creating the session before trying to append data to it. This is the only way to use flashdata after a sess_destroy() if you're using sessions in a database.

Brendan
  • 4,565
  • 1
  • 24
  • 39
2

The sess_destroy() function destroys also the session flash variables used to pass the message.

U already answered your question, in the library logout() function, you need to replace 

$this->ci->session->sess_destroy();

with 

$this->ci->session->unset_userdata(array('user_id' => '', 'username' => '', 'status' => ''));

This will not completely destroy the session, only the user data used for login, so I recommend instead, to modify the logout() function in the controller and show the message manually, by passing it to a view.

Jonathan
  • 8,676
  • 20
  • 71
  • 101
1

While this is a workaround, it might do the trick for you...

wherever you're displaying these, I'll be assuming you're checking in the view so...

<? if ($this->session->flashdata('status_messege'): ?>

    <p><?= $this->session->flashdata('status_message') ?></p>

<? endif; ?>

you COULD add an elseif to that and check for the referrer being your logout function...

<? if ($this->session->flashdata('status_messege'): ?>

    <p><?= $this->session->flashdata('status_message') ?></p>

<? else if ($this->agent->referrer() == site_url('path/to/logout'): ?>

    <p><?= $this->lang->line('auth_message_logged_out') ?></p>

<? endif; ?>

A bit of a hackish way to overcome this issue, but probably a way nonetheless.

jondavidjohn
  • 61,812
  • 21
  • 118
  • 158