Codeigniter 会话因 ajax 调用而出错 [英] Codeigniter session bugging out with ajax calls

查看:23
本文介绍了Codeigniter 会话因 ajax 调用而出错的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我的 CodeIgniter 应用程序使用会话库并将数据保存到数据库.

My CodeIgniter app uses the session library and saves data to the DB.

我遇到了一些问题,即在某个 ajax 调用后创建了空白会话.

I've been having some problems where blank sessions are created after a certain ajax call.

经过调查,似乎同时触发了 2 个需要会话验证的函数调用.一个会失败,另一个会很好.

Upon investigating, it seems that there were 2 simultaneous functions calls that fired off that require a session validation. One would fail and the other would be fine.

我能够通过不让它们同时开火来解决这个问题.但我仍然不明白它失败的原因.这是否与更新用户 cookie 的一次调用和第二次调用无效有关?或者也许在读取数据库时它以某种方式死了?

I was able to fix this by not having them fire off simultaneously. But I still don't understand the REASON why it fails. Does it have to do with one call updating the user cookie and the 2nd call invalidating? Or maybe when reading the DB it dies somehow?

我查看了 Session 核心类,没有找到任何原因的线索.

I looked over the Session core class a bit and have not found any clues to the cause.

如果有人遇到同样的问题,我将不胜感激关于如何调试或原因是什么的任何建议.

If any one had the same problem before I would appreciate any advice on how to debug or what the cause is.

谢谢!

我最初说的是 408 状态返回.那是一个不相关的案例.

I originally said there was a 408 status return. That was an unrelated case.

这是并行触发 MyVar.refresh() 的函数:

This is the function that fires off MyVar.refresh() in parallel:

function (event)
{
    var self$ = this.a$;
    var uid  = this.b$.val();
    var tid  = this.c$.val();
    var jqxhr = $.post('/controller1/index',{'uid':uid,'tid':tid,'action':true},function(re)
    {
        if(re.message != 'success')
        {
            MyVar.alert('<span class="msg_error sprite"></span>' + re.error);
            MyVar.refresh();
        } 

    },'json');
    MyVar.refresh();
    return stopDefault(event);
};

可能的解决方案:

发现这个:http://codeigniter.com/forums/viewthread/102456/

显然它不能很好地与 ajax 配合使用.一种解决方案是,如果是 ajax 调用,则禁止会话更新;唯一的问题是我们的网站主要是用 ajax 构建的..

Apparently it doesn't play well with ajax. One solution is to disallow session update if it is an ajax call; only problem is that our site is mostly built with ajax..

此外,只需将 sess_time_to_update 降低到非常频繁的程度并且 ajax 运行良好.还刷新了浏览器,但没有超时.不知道为什么会话 ID 在 ajax 调用时已经更改并且浏览器 cookie 从未更新.

Also, just lowered the sess_time_to_update to something very frequent and ajax was doing fine. Also did a browser refresh and it did not timeout. Not sure why if the session ID has already changed upon an ajax call and browser cookies were never updated.

推荐答案

试试这个

<?php
/**
 * ------------------------------------------------------------------------
 * CI Session Class Extension for AJAX calls.
 * ------------------------------------------------------------------------
 *
 * ====- Save as application/libraries/MY_Session.php -====
 */

class MY_Session extends CI_Session {

    // --------------------------------------------------------------------

    /**
     * sess_update()
     *
     * Do not update an existing session on ajax or xajax calls
     *
     * @access    public
     * @return    void
     */
    public function sess_update()
    {
        $CI = get_instance();

        if ( ! $CI->input->is_ajax_request())
        {
            parent::sess_update();
        }
    }

}

// ------------------------------------------------------------------------
/* End of file MY_Session.php */
/* Location: ./application/libraries/MY_Session.php */

问题出在 session 类的 sess_update 函数中,它在 X 秒后生成一个新的 session_id.每个页面都有一个 session_id,如果 session_id 在 ajax 调用之前过期,则调用将失败.

The problem is in the sess_update function of the session class, that generates a new session_id after X seconds. Every page have a session_id, if the session_id expires before the ajax call is made, that call will fail.

在/application/libraries/中创建一个名为 MY_Session(或您设置的任何前缀)的 php 文件,将此代码粘贴到那里,就是这样.此函数将覆盖会话类中的 sess_update 函数,检查每个请求是否由 ajax 发出,跳过 sess_update 函数.

Create a php file in /application/libraries/ with the name MY_Session (or whatever prefix you set), paste this code there and that is all. This function will override the sess_update function in the session class, checking on every request if that request was made by ajax, skipping the sess_update function.

将 sess_expiration 设置为更高的值是个坏主意.这是一项安全功能,可保护您免受会话劫持

Its a bad idea set the sess_expiration at higher values. This is a security feature that will protect you against session hijaking

PD:我的英语不是很流利,如果你不明白什么就告诉我.

PD: i'm not very fluent in english, if you dont understand something just let me know.

这篇关于Codeigniter 会话因 ajax 调用而出错的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆