CI 2.0.3会话heisenbug:20分钟后会话丢失,仅在服务器重定向上,日志中无可疑 [英] CI 2.0.3 session heisenbug: session is lost after some time 20 minutes, only on server redirect, nothing suspicious in the logs
问题描述
我似乎对此没有任何进展。我的CI会话设置如下:
I can't seem to make any progress with this one. My CI session settings are these:
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 0;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie'] = FALSE;
$config['sess_use_database'] = TRUE;
$config['sess_table_name'] = 'ci_sessions';
$config['sess_match_ip'] = FALSE;
$config['sess_match_useragent'] = FALSE;
$config['sess_time_to_update'] = 7200;
$config['cookie_prefix'] = "";
$config['cookie_domain'] = "";
$config['cookie_path'] = "/";
$config['cookie_secure'] = FALSE;
会话库在自动加载时加载。我已对sess_update函数进行了评论,以防止发现有关阅读CI论坛的AJAX错误。
The session library is loaded on autoload. I've commented the sess_update function to prevent an AJAX bug that I've found about reading the CI forum.
数据库中的 ci_sessions 表的排序规则为 utf8_general_ci (存在一个错误,该错误在每次调用 redirect()之后丢失了会话,并且该链接与以下事实有关:排序规则为 latin1_swedish_ci
The ci_sessions table in the database has collation utf8_general_ci (there was a bug that lost the session after every redirect() call and it was linked to the fact that the collation was latin1_swedish_ci by default).
在我的管理部分的用户尝试添加较长的文章并单击保存按钮后,它总是会中断。保存操作如下所示:
It always breaks after a user of my admin section tries to add a long article and clicks the save button. The save action looks like this:
function save($id = 0){
if($this->my_model->save_article($id)){
$this->session->set_flashdata('message', 'success!');
redirect('admin/article_listing');
}else{
$this->session->set_flashdata('message', 'errors encountered');
redirect('admin/article_add');
}
}
如果您花费20分钟以上并点击保存,则
If you spend more than 20minutes and click save, the article will be added but on redirect the user will be logged out.
我还启用了日志记录功能,有时在发生错误时我会收到消息会话Cookie数据与预期不符。 ,但这只是一次尝试。另一半我什么也没得到:显示我在Session构造函数末尾放置的一条消息,其他什么也没有。在所有情况下,如果我查看存储在浏览器中的cookie,在发生错误后,cookie的第一部分与哈希都不匹配。
I've also enabled logging and sometimes when the error occurs i get the message The session cookie data did not match what was expected. This could be a possible hacking attempt. but only half of the time. The other half I get nothing: a message that I've placed at the end of the Session constructor is displayed and nothing else. In all the cases if I look at the cookie stored in my browser, after the error the cookie's first part doesn't match the hash.
尽管我知道Codeigniter不使用本机会话,我将 session.gc_maxlifetime 设置为86400。
Also, although I know Codeigniter doesn't use native sessions, I've set session.gc_maxlifetime to 86400.
另一件事是我无法在计算机上重现该错误,但在我测试过此错误的所有其他计算机上,错误的显示方式与上述相同。
Another thing to mention is that I'm unable to reproduce the error on my computer but on all the other computers I've tested this bug appears by the same pattern as mentioned above.
如果对于下一步的工作有任何想法,我将不胜感激。更改为新版本或使用本机会话类(旧的会话类适用于CI 1.7,它仍然可以使用吗?)也是我愿意考虑的选择。
If you have any ideas on what to do next, I'd greatly appreciate them. Changing to a new version or using a native session class (the old one was for CI 1.7, will it still work?) are also options I'm willing to consider.
编辑:我在CI 2.0.3中的Session类和最新的CI Session类之间进行了比较,它们是相同的。
Edit : I've run a diff between the Session class in CI 2.0.3 and the latest CI Session class and they're the same.
推荐答案
这是我解决的方法:标准规定,浏览器不应在POST请求后允许重定向。 CI的 redirect()方法默认发送302重定向。逻辑方法是发送307重定向,这解决了我的问题,但有警告,显示了有关重定向的确认对话框。其他选项是301(永久移动)重定向,或者是我选择的解决方案是javascript重定向。
Here's how I solved it: the standards say that a browser shouldn't allow redirects after a POST request. CI's redirect() method is sending a 302 redirect by default. The logical way would be to send a 307 redirect, which solved my problem but has the caveat of showing a confirm dialog about the redirect. Other options are a 301 (meaning moved permanently) redirect or, the solution I've chosen, a javascript redirect.
这篇关于CI 2.0.3会话heisenbug:20分钟后会话丢失,仅在服务器重定向上,日志中无可疑的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
