Search code examples
phpcodeigniterxamppwamp

SESSION variable is reset on redirect() in Codeigniter php

I am facing some weird issue of session variable getting reset on action redirect.

I am using Codeigniter and redirecting to dashboard action after login, I am getting data in login action after verifying credentials with DB, but when I use redirect() to redirect to dashboard, session variables gets vanished.

Admin.php

<?php class admin extends CI_Controller 
{
    function login()
    {
        $login = $this->Admin_model->login($this->input->post()); // <-- verify data and set to session
        if($login)
        {
            $this->session->set_flashdata("success","Logged in Successfully");
            var_dump($_SESSION); // <-- able to fetch data from session
            // exit();
            redirect("admin/dashboard");
        }
        else
        {
            $this->session->set_flashdata("error","Invalid Credentials!! Please Try Again!!");
            redirect("admin");
        }
    }

    function dashboard()
    {
        var_dump($_SESSION); // <-- session data is vanished and not able to get userdata('id')
        exit();
        if($this->session->userdata('id') != '')
        {
            $data['active_tab'] = "dashboard";
        }
        else
        {
            redirect("admin");
        }
    }
?>

Admin_model.php

<?php Class Admin_Model extends CI_Model
{
    function login($data)
    {
        $user = $this->db->get_where("users",array("username" => $data['username'],
                                     "password" => md5($data['password']),
                                     "is_active" => "1")
                                    )->row_array(); 
        if(!empty($user))
        {
            $this->set_user_session($user);
            return true;
        }
        else
        {
            return false;
        }
    }

    function set_user_session($login)
    {
        $arr = array();
        $arr["id"] = $login["id"];
        $arr["username"] = $login["username"];
        $this->session->set_userdata($arr);
    }
?>

Tried this in xampp and wamp, all browsers but still the issue remains the same, any help would be grateful.

Solution

  • Which version of CodeIgniter are you working with? You can try the following steps.

    1. Go to system/libraries/Session/Session.php
    2. Comment session_start() by adding //. We want to relocate the sessionn_start().
    3. Find (using ctrl + f) a comment that says Security is king. Comment out all the line under that comment until the end of the function. In my case I commented out the line number 315 - 320.
    4. on line number 282 change this line ini_set('session.name', $params['cookie_name']); to ini_set('session.id', $params['cookie_name']);

    5. comment out following lines

      line 108 //session_set_save_handler($class, TRUE); line 290-296 // session_set_cookie_params( // $params['cookie_lifetime'], // $params['cookie_path'], // $params['cookie_domain'], // $params['cookie_secure'], // TRUE // HttpOnly; Yes, this is intentional and not configurable for security reasons // ); line 305 //ini_set('session.gc_maxlifetime', $expiration);

    6. Go to the main index.php, it is the first index.php and located in the same directory with the sub-directories 'application', 'system', 'user_guide', etc.
    7. Put session_start() right after < ?php

    Hope this can help you....