Codeigniter 3.1.11 - Session regenerate and data loss PHP 7.3.11

Question

I am using Codeigniter 3.1.11 on my localhost with XAMPP PHP version 7.3.11. I am using database sessions, not file.

I wrote some simple code to put user cart data into the session. On the initial form submission, the data is put in the session and looks good. One refresh, the session is regenerated and the prior session data is not there in the new session but is still there in an old session. Below are my config settings. I tried many combinations and cannot figure out the issue.

The initial session data looks good:

Array
(
    [__ci_last_regenerate] => 1576165611
    [CART] => Array
        (
            [0] => Array
                (
                    [product_id] => XYZ1234567
                    [qty] => 1
                )

        )

)

On page refresh, I echo $this->Session->all_userdata() and I receive:

Array
(
    [__ci_last_regenerate] => 1576124405
)

Each refresh generates a new number.

Config settings

$config['sess_driver']             = 'database';
$config['sess_cookie_name']        = 'ci_sessions';
$config['sess_expiration']         = 7200;
$config['sess_save_path']          = 'ci_sessions';
$config['sess_match_ip']           = FALSE;
$config['sess_time_to_update']     = 300;
$config['sess_regenerate_destroy'] = FALSE;

$config['cookie_prefix']    = 'card_';
$config['cookie_domain']    = '';
$config['cookie_path']      = '/';
$config['cookie_secure']    = FALSE;
$config['cookie_httponly']  = FALSE;

I will PayPal $10 to whoever provides a working resolution.

score 0 · Answer 1 · answered Dec 16 '19 at 16:50

I got this partially working by applying a solution from another thread where the REGEX was incorrect when checking the cookie. However this only partially works or works sometimes. This logic is not always executed so I think there is another place in the standard CI session code which also needs to be changed.

\system\libraries\session\Session.php

            //Line 136 changed by me on 12.15.2019 -mb
            //OR ! preg_match('#\A'.$this->_sid_regexp.'\z#', $_COOKIE[$this->_config['cookie_name']])
            OR ! preg_match('/^[0-9a-f]/', $_COOKIE[$this->_config['cookie_name']])

The post referenced was https://stackoverflow.com/questions/45756370/codeigniter-session-is-not-working-on-php-7 — ReeseB, Dec 16 '19 at 16:52

Codeigniter 3.1.11 - Session regenerate and data loss PHP 7.3.11

1 Answers1