CodeIgniter Session id
Just a quick blurb. I had a problem with CodeIgniter regenerating the session id all willy-nilly.
Here’s a snip from the config.
$config['sess_cookie_name'] = ‘ci_session’;
$config['sess_expiration'] = 54000;
$config['sess_encrypt_cookie'] = TRUE;
$config['sess_use_database'] = TRUE;
$config['sess_table_name'] = ’sessions’;
$config['sess_match_ip'] = TRUE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update'] = 300;
Turns out, CodeIgniter will regenerate the session id every time it updates the session table in the database. So, by default the session id gets regenerated every 5 mins (300 seconds). Instead of changing the sess_time_to_update value, I dug around in the code for a bit.
Here’s the culprit. (In basedir/system/libraries/Session.php)
$old_sessid = $this->userdata['session_id'];
$new_sessid = “”;
while (strlen($new_sessid) < 32)
$new_sessid .= mt_rand(0,mt_getrandmax());
$new_sessid = md5(uniqid($new_sessid,True));
Talk about entropy…
Quick hack: comment out these lines and set $new_sessid = $this->userdata['session_id'];
Bang. Zoom. Straight to the Moon.
Hi there Mumrah,
I saw the link here from
http://codeigniter.com/forums/viewthread/80342/#418057
It looks like I was having a similar issue and just wanted to drop a line and say thanks.
Michael
michaelangela2008
25 Jun 08 at 4:23 am
I was also having problems with this so just another note of thanks from me
Dave
31 Jul 08 at 10:41 am
it does not seems to work since CI version 1.7.0
julien
9 Nov 08 at 10:19 pm