9

I have an application built with codeigniter using the sessions class and storing session data in a database. The problem is I'm getting extra session records in my database when my webpage loads a css file.

Up until recently I was running my application on a simple VPS host provided by rackspace. Database and Apache were both running on the same VPS. Recently however I've migrated my application to PHPFog to allow it to scale more easily. I didn't have this issue with my former hosting setup.

enter image description here

The row with the populated value for user_data is my original session. The other three blank sessions are the result of simply refreshing the page three times. I seem to have tracked it down to including a css file in my header, when I comment it out or delete it the issue goes away. It's only this particular css file also, other css/js/image files don't cause this issue.

Here is a link to the css file in question: http://pastebin.com/XfEBNFiC

Anyone know what could be causing this? Thanks!

UPDATE: I realized the html of the page in question might be helpful. Commenting out the stylesheet include on line 13 makes the issue go away. http://pastebin.com/iBEb4he6

UPDATE2:

$config['sess_cookie_name']     = 'ci_session';
$config['sess_expiration']      = 7200;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie']  = FALSE;
$config['sess_use_database']    = TRUE;
$config['sess_table_name']      = 'ci_sessions';
$config['sess_match_ip']        = FALSE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update']  = 300;

/*
|--------------------------------------------------------------------------
| Cookie Related Variables
|--------------------------------------------------------------------------
|
| 'cookie_prefix' = Set a prefix if you need to avoid collisions
| 'cookie_domain' = Set to .your-domain.com for site-wide cookies
| 'cookie_path'   =  Typically will be a forward slash
| 'cookie_secure' =  Cookies will only be set if a secure HTTPS connection exists.
|
*/

$config['cookie_domain']    = 'casey.phpfogapp.com'; //$base_url_parts['host'];
$config['cookie_path']      = '/';

$config['cookie_prefix']    = "";
$config['cookie_secure']    = FALSE;
Improve this question
15
  • a record being created in my sessions table for every page request? The table would grow rapidly and be full of useless session records that don't actually correlate to a users session. Oh I should probably state that the actual users session doesn't appear to be lost. Session properties/variables are maintained from request to request. It's just these new records appearing out of nowhere. Commented Jul 19, 2011 at 18:54
  • I updated the question to contain a link to my html that includes the style sheet Commented Jul 19, 2011 at 18:55
  • I have seen problems of duplicated sessions with CI (eventually causing a logout due to a blank session, so this is an issue) all linked to AJAX calls. The css file is always in the head section ? is it hosted on the same server ? Commented Jul 19, 2011 at 18:56
  • 1
    From the CI User Guide -> " Note: The Session class has built-in garbage collection which clears out expired sessions so you do not need to write your own routine to do it." Commented Jul 19, 2011 at 18:57
  • 1
    Hm, weird. Let's look at this logically: an CI cookie is set, so an CI file (your config file for instance) is included. Set it up so that when the $_SERVER['REQUEST_URI'] matches the css file you write a debug_print_backtrace(); to a file. Examine that file and you may know more. auto_append/prepend are settings in ini-files/vhost config/.htaccess files, you can check them with ini_get(). Commented Jul 19, 2011 at 20:06

2 Answers 2

Reset to default
4

In my applications I place the following code into .htaccess for preventing a cookie to be sent with css/js/images requests:

#.htaccess

# Use Mod_deflate to compress static files
<ifmodule mod_deflate.c>
<filesmatch ".(js|css|ico|txt|htm|html|php)$">
SetOutputFilter DEFLATE
</filesmatch>
</ifmodule>

# Speed up caching
FileETag MTime Size

# Expires
ExpiresActive On
ExpiresDefault "access plus 366 days"

# Future Expires Headers
<filesmatch ".(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
Header set Expires "Sat, 27 Dec 2014 23:59:59 GMT"
</filesmatch>
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I had this issue before and the problem was that the CI cookie name cannot have dots in it.

bad cookie name: .domain.com

smooth criminal: mydomaincom

I was using the domain name with dots for the cookie name to enable domain wide cookies (share cookies from the main domain to all its subdomains), turns out I've found that the only thing I needed for that was:

$config['cookie_domain']    = ".domain.com";
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.