Codeigniter session is lost after redirect.
I think this is a codeigniter 3 bug. I created a simple login page with Codeigniter 3.1.0, running on PHP 7.3 with apache webserver. When i click login button, session created and redirected to a home page. But the problem occured here. Session is missing after redirect to home page. I printed out the session by var_dump($this->session->userdata()); but it only shows array(1) { ["__ci_last_regenerate"]=> int(1690643484) } without any contents there.
i then find out for the solution for a week. Finally, i know what the issue exactly is.. The issue is caused by: the length (as well as the name) of session cookie is not match compared to a logic in system/libraries/Session/session.php
If you open the cookie in developer tools, The cookies only have 26 of length.
cae01o74tm54uejufuj0oj921oWhereas in session.php, at the line 133-134, the code only works if cookies length is set to 40 and combination of the name only permitted in number (0-9) and letter (a-f).
That doesn’t meet the current condition. So we must change this line to
preg_match('/^[0-9a-z]{22,40}$
I found that solution from stackoverflow: https://stackoverflow.com/questions/12240922/what-is-the-length-of-a-php-session-id-string
I just known, the session cookies length is generated based on session.sid_length and session.sid_bits_per_character in php.ini. For example, in my computer i now used:
- session.sid_length = 26
- session.sid_bits_per_character = 5
That means, the cookie will have max 26 of length (example: cae01o74tm54uejufuj0oj921o), whereis contains 5 bits per character (5 bits: 0-9, a-v).
So if you wanna adjust it, you can change on your php.ini. Don’t forget to restart your apache if you made any changes.
