Codeigniter: Session's problems with Chrome and IE

Created on 17 Aug 2012  路  8Comments  路  Source: bcit-ci/CodeIgniter

I've already read a lot of other posts about this, but I can't yet find a solution which works for me.

On Firefox everythign works fine, on IE9 (I haven't tried other versions, but I suppose it's the same) and Chrome (any of the latest versions) the session doesn't work.
The session_id keeps changing on each page refresh, this is the only data stored into the session

Array ( [session_id] => 969d9d1306bcce9727766275d55b2fb3 [ip_address] => 127.0.0.1 [user_agent] => Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) [last_activity] => 1345196493 [user_data] => )

nothing can be stored in the ['user_data'] key

On the database the entry is generated.

I'm NOT using AJAX

OS: Windows7 64bit

Config settings

if(isset($_SERVER['HTTP_HOST']))
{
$config['base_url'] = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 'https' : 'http';
$config['base_url'] .= '://'. $_SERVER['HTTP_HOST'];
$config['base_url'] .= isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] != '80' ? ( ':'.$_SERVER['SERVER_PORT'] ) : '';
$config['base_url'] .= str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']);
}
else
{
$config['base_url'] = 'http://localhost/';
}

$config['sess_cookie_name'] = 'crdsession';
$config['sess_expiration'] = 7200;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie'] = TRUE;
$config['sess_use_database'] = TRUE;
$config['sess_table_name'] = 'crd_sessions';
$config['sess_match_ip'] = TRUE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update'] = 300;

$config['cookie_prefix'] = "";
$base_url_parts = parse_url($config['base_url']);
$config['cookie_domain'] = $base_url_parts['host'];
$config['cookie_path'] = $base_url_parts['path'];
unset($base_url_parts);
$config['cookie_secure'] = FALSE;

Most helpful comment

I had same issue before but change
$config['sess_cookie_name'] = 'ci_session';
to
$config['sess_cookie_name'] = 'cisession';
solved this issue.
However, when i do an ajax call on a view, cookie session will lost...

All 8 comments

Your settings seem all OK ... looks like a cookie collision to me. Does it work on the live host or do you have problems on both environments?

I don't have a live version at the moment, I'm developing the application on my local machine.
I've just tried to delete all the browsing data (cookies, passwords, saved forms' data,.. anything) from both IE and Chrome, but the problem persists.
If I print
print_r($_COOKIE)
IE and Chrome prints an empty array, Firefox prints the cookie correctly.

I've done another try, I've disabled the session's library autoload and I've put these lines inside a controller's function

session_start();
echo session_id().br();
if( !isset($_COOKIE['test']) ){
setcookie("test", 'my test cookie', time()+3600);
echo 'setting new cookie';
}
echo $_COOKIE['test'];

The 1st time I visit the page the session id and the message "setting new cookie" are shown
the 2nd time the session id remains the same and the message changes to "my test cookie"
at each other refresh both the session id and the message don't change

so the browsers are ok with the cookies' management

I've just been able to put my project online, it works fine also on IE and Chrome, the problem is only using it in local, maybe it is a problem of domain name.
Anyway this can be closed.

Thanks for the help, I wouldn't have thought to make a try on a live installation wasting a lot of other time.

@narfbg , @Kumidan I have changed my config.php file as instructed. Still the same problem with Chrome but Firefox is working well. Check http://sapama.com
What might be the problem?

I also had this problem but only locally.

I had same issue before but change
$config['sess_cookie_name'] = 'ci_session';
to
$config['sess_cookie_name'] = 'cisession';
solved this issue.
However, when i do an ajax call on a view, cookie session will lost...

As I've said in my first comment on this thread - this can only be caused by a cookie collision, meaning that there are two cookies with the same name matching the domain that you're trying to access. That's why changing the cookie name (in many cases from _ci_session_ to _cisession_) has worked for many of you.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

vahidvdn picture vahidvdn  路  4Comments

alexmason528 picture alexmason528  路  6Comments

Struki84 picture Struki84  路  7Comments

rmdhfz picture rmdhfz  路  3Comments

erikk1986 picture erikk1986  路  3Comments