当我使用以下配置时,我在codeigniter 2.1.3版中也遇到了这个问题:
$config['sess_use_database'] = TRUE;
$config['sess_time_to_update'] = 300;
我认为这与ajax请求无关,而与codeigniter中的错误有关。
看来,当您将会话存储在数据库中时,300秒后将强制注销。经过3个小时的搜索和分析,我在代码中发现了一个明显的错误,同时也发现了一个不清楚的错误,我已经按照以下方式解决了该错误:
创建一个新文件:application / libraries文件夹中的MY_Session.php
向其添加以下代码:
// fixed by sirderno 2013
if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class MY_Session extends CI_Session
{
public function __construct()
{
parent::__construct();
}
/**
* Update an existing session
*
* @access public
* @return void
*/
public function sess_update()
{
// We only update the session every five minutes by default
if (($this->userdata['last_activity'] + $this->sess_time_to_update) >= $this->now)
{
return;
}
// Save the old session id so we know which record to
// update in the database if we need it
$old_sessid = $this->userdata['session_id'];
$new_sessid = '';
while (strlen($new_sessid) < 32)
{
$new_sessid .= mt_rand(0, mt_getrandmax());
}
// To make the session ID even more secure we'll combine it with the user's IP
$new_sessid .= $this->CI->input->ip_address();
// Turn it into a hash
$new_sessid = md5(uniqid($new_sessid, TRUE));
// Update the session data in the session data array
$this->userdata['session_id'] = $new_sessid;
$this->userdata['last_activity'] = $this->now;
// _set_cookie() will handle this for us if we aren't using database sessions
// by pushing all userdata to the cookie.
$cookie_data = NULL;
// Update the session ID and last_activity field in the DB if needed
if ($this->sess_use_database === TRUE)
{
// set cookie explicitly to only have our session data
$cookie_data = array();
foreach (array('session_id','ip_address','user_agent','last_activity') as $val)
{
$cookie_data[$val] = $this->userdata[$val];
}
$cookie_data['session_id'] = $new_sessid; // added to solve bug
//added to solve bug
if (!empty($this->userdata['user_data']))
$cookie_data['user_data'] = $this->userdata['user_data'];
$this->CI->db->query($this->CI->db->update_string($this->sess_table_name, array('last_activity' => $this->now, 'session_id' => $new_sessid), array('session_id' => $old_sessid)));
}
// Write the cookie
$this->_set_cookie($cookie_data);
}
/**
* Write the session cookie
*
* @access public
* @return void
*/
public function _set_cookie($cookie_data = NULL)
{
if (is_null($cookie_data))
{
$cookie_data = $this->userdata;
}
// Serialize the userdata for the cookie
$cookie_data = $this->_serialize($cookie_data);
if ($this->sess_encrypt_cookie == TRUE)
{
$cookie_data = $this->CI->encrypt->encode($cookie_data);
}
else
{
// if encryption is not used, we provide an md5 hash to prevent userside tampering
$cookie_data = $cookie_data.md5($cookie_data.$this->encryption_key);
}
$_COOKIE[ $this->sess_cookie_name ] = $cookie_data; // added to solve bug
$expire = ($this->sess_expire_on_close === TRUE) ? 0 : $this->sess_expiration + time();
// Set the cookie
setcookie(
$this->sess_cookie_name,
$cookie_data,
$expire,
$this->cookie_path,
$this->cookie_domain,
$this->cookie_secure
);
}
}
?>
明显的错误是它没有在更新的cookie中存储“ user_data”。尚不清楚的错误是,它在更新了新的会话ID之后在文件Session.php中执行了sess_read()函数,我不知道为什么会这样,因为我希望它在更新之前执行,而不是像在构造函数中编写后那样执行Session.php。因此,sess_read()函数开始读取具有旧会话ID的旧Cookie信息,并希望将其与数据库中的会话ID进行比较,但是session_id更新后,数据库中不再存在该信息,因此将导致注销。
Session.php文件的sess_read函数中的以下代码行负责读取旧的cookie信息:
$session = $this->CI->input->cookie($this->sess_cookie_name);
因此,在MY_Session.php的函数_set_cookie中,我添加了以下代码行,以使用新代码更新服务器的旧Cookie信息:
$_COOKIE[ $this->sess_cookie_name ] = $cookie_data; // added to solve bug
通过此修复程序,将“ sess_time_to_update”与“ sess_use_database”结合使用可以正常工作。这是一个简单而简单的错误修复。
扫一扫
4782
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
