I have this weird problem with my ci sessions. On localhost is works fine, but online the log shows the error:
我的ci会话有这个奇怪的问题。在localhost上工作正常,但在线日志显示错误:
The session cookie data did not match what was expected. This could be a possible hacking attempt.
会话cookie数据与预期不符。这可能是一次可能的黑客攻击。
I removed all cookies and emptied the sessions table. I also set user_agent length to 255. Basepath is also correct. What is notice when I log the session id's is the following:
我删除了所有cookie并清空了会话表。我还将user_agent长度设置为255. Basepath也是正确的。记录会话ID时的注意事项如下:
On the login page and when checking username/pw the id is the same, then I go to my members area where the id has changed.
在登录页面上,当检查用户名/ pw时,id是相同的,然后我转到id已更改的成员区域。
Another example:
1. I go to members area, session id is set, i'm not logged in, im sent to login
2. On login page, session id is changed, i login
3. Validation, session id is unchanged, i'm validated and sent to members area
4. On members area, session id is changed, i'm not logged in.
另一个例子:1。我去会员区,会话ID设置,我没有登录,我发送到登录2.在登录页面,会话ID被更改,我登录3.验证,会话ID不变,我'已经过验证并发送到会员区4.在会员区,会话ID已更改,我尚未登录。
On the login page, my sessions table counts 0 rows, when i login the sessions table counts 2/3 rows. 1 of them, but not the one with the current session id holds all the correct data.
在登录页面上,我的会话表计数0行,当我登录会话表计数2/3行时。其中1个,但不是具有当前会话ID的那个保存所有正确的数据。
Hopefully someone can help me with this.
希望有人可以帮助我。
2 个解决方案
#1
4
I think Codeignitor native php session library has the problems. It cause the problems that you are describing because if the cookies is not set, it won’t set. Furthermore it won’t be able to recognize the session. In order to avoid this problem you can use Native Session Class
我认为Codeignitor原生的php会话库存在问题。它会导致您描述的问题,因为如果未设置cookie,则不会设置。此外,它将无法识别会话。为了避免此问题,您可以使用Native Session Class
Here are few links to support my answer. Problems with cookies / MAMP / Codeingiter http://myphplibrary.blogspot.in/2012/03/codeigniter-session-issue-fixation.html
这里有一些支持我的答案的链接。 cookies / MAMP / Codeingiter问题http://myphplibrary.blogspot.in/2012/03/codeigniter-session-issue-fixation.html
#2
1
A couple of things to check;
要检查的几件事情;
-
The server local time vs your local time - perhaps the cookie is expiring as it is set? To confirm - set the $config['sess_expiration'] time to like 9999999 and see if it works
服务器本地时间与当地时间 - 也许cookie在设置时到期?要确认 - 将$ config ['sess_expiration']时间设置为9999999并查看它是否有效
-
Turn off $config['encrypt_cookie']
关闭$ config ['encrypt_cookie']
-
Turn off $config['sess_match_ip']
关闭$ config ['sess_match_ip']
-
Make sure you have set the correct cookie information:
确保您已设置正确的cookie信息:
$config['cookie_prefix'] = ""; $config['cookie_domain'] = // YOUR DOMAIN $config['cookie_path'] = // YOUR BASE URI $config['cookie_secure'] = FALSE;
#1
4
I think Codeignitor native php session library has the problems. It cause the problems that you are describing because if the cookies is not set, it won’t set. Furthermore it won’t be able to recognize the session. In order to avoid this problem you can use Native Session Class
我认为Codeignitor原生的php会话库存在问题。它会导致您描述的问题,因为如果未设置cookie,则不会设置。此外,它将无法识别会话。为了避免此问题,您可以使用Native Session Class
Here are few links to support my answer. Problems with cookies / MAMP / Codeingiter http://myphplibrary.blogspot.in/2012/03/codeigniter-session-issue-fixation.html
这里有一些支持我的答案的链接。 cookies / MAMP / Codeingiter问题http://myphplibrary.blogspot.in/2012/03/codeigniter-session-issue-fixation.html
#2
1
A couple of things to check;
要检查的几件事情;
-
The server local time vs your local time - perhaps the cookie is expiring as it is set? To confirm - set the $config['sess_expiration'] time to like 9999999 and see if it works
服务器本地时间与当地时间 - 也许cookie在设置时到期?要确认 - 将$ config ['sess_expiration']时间设置为9999999并查看它是否有效
-
Turn off $config['encrypt_cookie']
关闭$ config ['encrypt_cookie']
-
Turn off $config['sess_match_ip']
关闭$ config ['sess_match_ip']
-
Make sure you have set the correct cookie information:
确保您已设置正确的cookie信息:
$config['cookie_prefix'] = ""; $config['cookie_domain'] = // YOUR DOMAIN $config['cookie_path'] = // YOUR BASE URI $config['cookie_secure'] = FALSE;