Search Results

Search found 10670 results on 427 pages for 'session cookie'.

Page 16/427 | < Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >

  • Does ini_set('session.save_path', 'custom path'); effect the session garbage cleaner?

    - by newbtophp
    Hi! Does ini_set('session.save_path', 'custom path'); effect the session garbage cleaner? As I'm setting a custom directory for the sessions, because I've read from various php security guides, that setting a custom directory on shared hosting for sessions; can improve session security. But the problem is I've read somewhere that PHP does/handles the session garbage cleaning only when the session_save_path is the default and not modified (ie. using a custom directory)? - is this true, if so is their a solution for this?. (take into consideration I'm using shared hosting). Appreciate all help!

    Read the article

  • Hibernate + Spring + session + cache

    - by andromeda
    We are using Hibernate with Spring for our Java application. We find out that when a session update something in database other sessions can not see the update. For example user1 get the account balance from database then user2 increase the balance , if user1 get the object another time he see the account balance before updating (seems that session use the value from its cache) but we want to get the updated object with new account balance. User1 use one session during all activity that is different from user2 session. Is any configuration to force to get the updated object from database? or any other help?

    Read the article

  • Session Sharing with another User on *NIX and Windows

    - by Giri Mandalika
    Oracle Solaris Since Solaris is not widely known for its graphical interface, let's just focus on sharing a terminal session in read-only mode with another user on the same system. Here is an example. eg., % finger Login Name TTY Idle When Where root Super-User pts/1 Sat 16:57 dhcp-amer-vpn-rmdc-a sunperf ??? pts/2 4 Sat 16:41 pitcher.sfbay.sun.com In this example, two users root and sunperf are connected to the same system from two different terminals pts/1 and pts/2 respectively. If the root user wants to show something to sunperf user -- what s/he is doing in her/his terminal, for example, it can be accomplished with the following command. script -a /dev/null | tee -a <target_terminal eg., # script -a /dev/null | tee -a /dev/pts/2 Script started, file is /dev/null # # uptime 5:04pm up 1 day(s), 2:56, 2 users, load average: 0.81, 0.81, 0.81 # # isainfo -v 64-bit sparcv9 applications crc32c cbcond pause mont mpmul sha512 sha256 sha1 md5 camellia kasumi des aes ima hpc vis3 fmaf asi_blk_init vis2 vis popc 32-bit sparc applications crc32c cbcond pause mont mpmul sha512 sha256 sha1 md5 camellia kasumi des aes ima hpc vis3 fmaf asi_blk_init vis2 vis popc v8plus div32 mul32 # # exit Script done, file is /dev/null After the script .. | tee .. command, sunperf user should be able to see the root user's stdin and stdout contents in her/his own terminal until the script session exits in root user's terminal. Since this kind of sharing is based on capturing and redirecting the contents to the target terminal, the users on the receiving end won't be able to see whatever is being edited on initiators' terminal [using editors such as vi]. Also it is not possible to share the session with any connected user on the system unless the initiator has the necessary permissions and privileges. The script utility records everything printed in a terminal session, while the tee utility replicates the contents of the screen capture on to the standard output of the target terimal. The tee utility does not buffer the output - so, the screen capture from the initiators' terminal appears almost right away in the target terminal. Though I never tested, this technique may work on all *NIX and Linux flavors with little or no changes. Also there might be other ways to accomplish this. [Thanks to Sujeet for sharing this tip] Microsoft Windows Most of the Windows users may rely on VNC services to share a desktop session. Another way to share the desktop session is to use the Remote Desktop Connection (RDC) client. Here are the steps. Connect to the target Windows system using Remote Desktop Connection client Launch Windows Task Manager Navigate to the "Users" tab Find the user session that you want to connect to and have full control over as the other user who is currently holding that session Select the user name in Windows Task Manager, right click and choose the option "Remote Control" A window pops up on the other user's session with the message "<USER is requesting to control your session remotely. Do you accept the request?" Once the other user says "Yes", you will be granted access to that session. Since then both users should be able to see the same screen and even control the session from their respective workstations.

    Read the article

  • if cookies are disabled, does asp.net store the cookie as a session cookie instead or not?

    - by Erx_VB.NExT.Coder
    basically, if cookeis are disabled on the client, im wondering if this... dim newCookie = New HttpCookie("cookieName", "cookieValue") newCookie.Expires = DateTime.Now.AddDays(1) response.cookies.add(newCookie) notice i set a date, so it should be stored on disk, if cookies are disabled does asp.net automatically store this cookie as a session cookie (which is a cookie that lasts in browser memory until the user closes the browser, if i am not mistaken).... OR does asp.net not add the cookie at all (anywhere) in which case i would have to re-add the cookie to the collection without the date (which stores as a session cookie)... of course, this would require me doing the addition of a cookie twice... perhaps the second time unnecessarily if it is being stored in browsers memory anyway... im just trying not to store it twice as it's just bad code!! any ideas if i need to write another line or not? (which would be)... response.cookies.add(New HttpCookie("cookieName", "cookieValue") ' session cookie in client browser memory thanks guys

    Read the article

  • Rails - Multiple top level domains and a single session/cookie

    - by Thadius B
    Hello all, I've been struggling with this for quite awhile and haven't been able to find a solution. I need a user to be able to view multiple top level domains with a single login. My understanding is that this needs to be set in environment.rb and called with before_dispatch. This is what I've come up with: require 'activesupport' require 'dispatcher' module ActionController class Dispatcher def set_session_domain ActionController::Base.session_options.update :session_domain => "#{@request.host}" end before_dispatch :set_session_domain end end However, this does not seem to be working when I try and pull the values from session[:session_domain]. Any help is greatly appreciated.

    Read the article

  • Response is not available in this context when creation cookie's

    - by Sadegh
    hi i defined one class to create cookie by received parameter's from user. when i want to add cookie to context i receive an exception. My Class public static class ManageCookies { public static void Create(string name, string value) { HttpCookie cookie = new HttpCookie(name); cookie.Value = value; cookie.Expires = DateTime.Now.AddYears(1); HttpContext.Current.Response.Cookies.Add(cookie); } } Occured Exception: Response is not available in this context.

    Read the article

  • Browser forgets about registered cookie after leaving domain

    - by Sergej Andrejev
    I have following problem. I register a cookie Set-Cookie EhdSite_SessionId=b0ptrr45xgclea55kjqp2o45; path=/; HttpOnly Do something on the same host (user always sends cookie header) Cookie EhdSite_SessionId=b0ptrr45xgclea55kjqp2o45 then I redirect user to other host After filling all the required data user went back to first host Here user doesn't send the cookie Does that mean that without expiration date cookie is destroyed by browser not when closing browser but when leaving the domain

    Read the article

  • How to implement Session timeout in Web Server Side?

    - by Morgan Cheng
    I beheld a web framework implementing in-memory session in this way. The session object is added to Cache with timeout. When the time is out, the session is removed from Cache automatically. To protect race condition, each request should acquire lock on given session object to proceed. Each request will "touch" the session in Cache to refresh the timeout. Everything looks fine, until this scenario is discovered. Say, one operation takes a long time, longer than timeout. Another request comes and wait on session lock which is currently hold by the long-time request. Finally, the long-time request is over, it releases the lock. But, since it already takes longer time than timeout, the session object is already removed from Cache. This is obvious because the only request holding the lock doesn't have a chance to "touch" the session object in cache. The second request gets the lock but cannot retrieve the expired Session object. Oops... To fix this issue, the second request has to re-create the Session object. But, this is just like digging a buried dead body from tomb and try to bring it back to life. It causes buggy code. I'm wondering what's the best way to implement timeout in session to handle such scenario. I know that current platform must have good session mechanism. I just want to know the under-the-hood how.

    Read the article

  • why javascript can not read the cookie in asp.net ?

    - by MemoryLeak
    I want to read the sessionid in cookie which is automatically generated by asp.net. such as ASP.NET_SessionId. but when i use javascript: document.cookie = "ASP.NET_SessionId=;" since i want to set the ASP.NET_SessionId to be empty. but after the javascript executed, i found instead of change the ASP.NET_SessionId to empty, system generate a new cookie with ASP.NET_SessionId equal to empty. why system not modify the cookie but generate a new one ? Thanks!

    Read the article

  • Change the Session Variable Output

    - by user567230
    Hello I am using Dreamweaver CS5 with Coldfusion 9 to build a dynamic website. I have a MS Access Database that stores login information which includes ID, FullName, FirstName, LastName, Username, Pawword, AcessLevels. My question is this: I currently have session variable to track the Username when it is entered into the login page. However I would like to use that Username to pull the User's FullName to display throughout the web pages and use for querying data. How do I change the session variable to read that when they are not entering their FullName on the login page but only Username and password. I have listed my login information code below if there is any additional information needed please let me know. This is the path for which the FullName values reside DataSource "Access" Table "Logininfo" Field "FullName" I want the FullName to be unique based on the Username submitted from the Login page. I apologize in advance for any rookie mistake I may have made I am new to this but learning fast! Ha. <cfif IsDefined("FORM.username")> <cfset MM_redirectLoginSuccess="members_page.cfm"> <cfset MM_redirectLoginFailed="sorry.cfm"> <cfquery name="MM_rsUser" datasource="Access"> SELECT FullName, Username,Password,AccessLevels FROM Logininfo WHERE Username=<cfqueryparam value="#FORM.username#" cfsqltype="cf_sql_clob" maxlength="50"> AND Password=<cfqueryparam value="#FORM.password#" cfsqltype="cf_sql_clob" maxlength="50"> </cfquery> <cfif MM_rsUser.RecordCount NEQ 0> <cftry> <cflock scope="Session" timeout="30" type="Exclusive"> <cfset Session.MM_Username=FORM.username> <cfset Session.MM_UserAuthorization=MM_rsUser.AccessLevels[1]> </cflock> <cfif IsDefined("URL.accessdenied") AND false> <cfset MM_redirectLoginSuccess=URL.accessdenied> </cfif> <cflocation url="#MM_redirectLoginSuccess#" addtoken="no"> <cfcatch type="Lock"> <!--- code for handling timeout of cflock ---> </cfcatch> </cftry> </cfif> <cflocation url="#MM_redirectLoginFailed#" addtoken="no"> <cfelse> <cfset MM_LoginAction=CGI.SCRIPT_NAME> <cfif CGI.QUERY_STRING NEQ ""> <cfset MM_LoginAction=MM_LoginAction & "?" & XMLFormat(CGI.QUERY_STRING)> </cfif> </cfif>

    Read the article

  • What is the pros and cons in using FormsAuthentication to persist login cookie?

    - by stacker
    What is the pros and cons in using FormsAuthentication to persist a login cookie? I see that StackOverflow ignore FormsAuthentication and instead implemented a different strategy to persist a login cookie. Pros Out of the box implementation for persistent login feature. Cons The login feature depends on the machine key which mean that I need to make sure that the machine key is the same on all the servers in the farm. The cookie contains wired encrypted values that don't really make sense to store in the cookie.

    Read the article

  • HAProxy appsession vs cookie precedence

    - by user1139473
    I am trying to find the best solution for balancing and keeping persistence on our application behind HAProxy. Here is our basic configuration: https://gist.github.com/endzyme/1804046b23c37beba520 After playing around with taking members down and up and also reloading the haproxy (with -sf) I have noticed that appsession isn't 100% effective, it would appear that sometimes it doesn't always 'request-learn'. I also tried to add a cookie JSESSION prefix to balance in case request-learn didn't take. Unfortunately it would present scenarios where the prefix would list svr2 but it was balanced to a different server. I am assuming it's because the appsession table takes first then sticks on that before using the cookie parameter. I have not tested with using cookie as an inserted option (not prefix on existing cookie) but I am thinking it would yield similar results. My question is: Which one is checked first, appsession or cookie, and is it an immediate catch after it reads the first one, or a fall through? Also as a follow up - is it not recommended to use both in the same backend? Cookie as I understand takes less memory resources, is agnostic to reloads and has way better reliability of persistence. Appsession I assume takes less cpu resource, since it's reading not writing. (Bonus Question: is there a way to inspect appsession/cookie table map? socket show table doesn't show anything except stick-tables) Many thanks in advance, -Nick

    Read the article

  • Apache has many PHP session files

    - by PiTheNumber
    # ls /var/lib/php5 | wc -l 7488 # ls -la -rw------- 1 wwwrun www 0 Nov 9 15:30 sess_vtuh671rlafdidfjmgjfu6065p4tfieg -rw------- 1 wwwrun www 0 Nov 12 02:30 sess_vu9pn476oiqbsd20q4s2brt60b9vg90d -rw------- 1 wwwrun www 0 Nov 9 15:07 sess_vuonfs2cqsdiq8ja51ornh6lp5j9mf93 -rw------- 1 wwwrun www 0 Nov 9 16:02 sess_vuutcad8as55il34db3uqhqrsltd4q6o -rw------- 1 wwwrun www 0 Nov 9 23:26 sess_vv2mrv5dnlnts6das4g5jlfldael4l0e -rw------- 1 wwwrun www 44 Nov 9 20:35 sess_vvc0cfjuvk3lqb5m97fv6gsmv6bjhsdk -rw------- 1 wwwrun www 0 Nov 9 10:33 sess_vvq82fhj9lg29gaejemlb2lrk25mqv7d -rw------- 1 wwwrun www 0 Nov 9 20:36 sess_vvtd4ka8rfmcroa34unl06916ubj8sb9 Most of them are empty. There are not so many users on the server so I wonder where those files came from. Is this a problem or how does apache handle those file? Do they get delete automaticly? Could this be caused by a bad PHP file?

    Read the article

  • Proper way to configure ~/.Xsession with a standalone window manager to gracefully end a session

    - by cYrus
    I'm using xdm and my ~/.Xsession looks like this: # <initialization stuff here> exec openbox It works, but I've noticed that when I log out Openbox doesn't gracefully kill all the applications. In particular Google Chrome complains about that. How can I make sure to wait for all processes to exit (just like others configurations: Gnome, KDE, Windows ...)? The only (ugly) solution that I've found involves sleep and kill into ~/.Xsession.

    Read the article

  • ASP.NET MVC Session Expiration

    - by Andrew Flanagan
    We have an internal ASP.NET MVC application that requires a logon. Log on works great and does what's expected. We have a session expiration of 15 minutes. After sitting on a single page for that period of time, the user has lost the session. If they attempt to refresh the current page or browse to another, they will get a log on page. We keep their request stored so once they've logged in they can continue on to the page that they've requested. This works great. However, my issue is that on some pages there are AJAX calls. For example, they may fill out part of a form, wander off and let their session expire. When they come back, the screen is still displayed. If they simply fill in a box (which will make an AJAX call) the AJAX call will return the Logon page (inside of whatever div the AJAX should have simply returned the actual results). This looks horrible. I think that the solution is to make the page itself expire (so that when a session is terminated, they automatically are returned to the logon screen without any action by them). However, I'm wondering if there are opinions/ideas on how best to implement this specifically in regards to best practices in ASP.NET MVC.

    Read the article

  • Checking if a session is active

    - by Josh
    I am building a captcha class. I need to store the generated code in a PHP session. This is my code so far: <?php class captcha { private $rndStr; private $length; function generateCode($length = 5) { $this->length = $length; $this->rndStr = md5(time() . rand(1, 1000)); $this->rndStr = substr($rndStr, 0, $this->length); return $rndStr; if(session_id() != '') { return "session active"; } else { return "no session active"; } } } ?> And using this code to check: <?php include('captcha.class.php'); session_start(); $obj = new captcha(); echo $obj->generateCode(); ?> But it doesn't output anything to the page, not even a PHP error. Does someone know why this is? And is there a better way I can check if I've started a session using session_start()? Thanks.

    Read the article

  • User roles - why not store in session?

    - by Phil
    I'm porting an ASP.NET application to MVC and need to store two items relating to an authenitcated user: a list of roles and a list of visible item IDs, to determine what the user can or cannot see. We've used WSE with a web service in the past and this made things unbelievably complex and impossible to debug properly. Now we're ditching the web service I was looking foward to drastically simplifying the solution simply to store these things in the session. A colleague suggested using the roles and membership providers but on looking into this I've found a number of problems: a) It suffers from similar but different problems to WSE in that it has to be used in a very constrained way maing it tricky even to write tests; b) The only caching option for the RolesProvider is based on cookies which we've rejected on security grounds; c) It introduces no end of complications and extra unwanted baggage; All we want to do, in a nutshell, is store two string variables in a user's session or something equivalent in a secure way and refer to them when we need to. What seems to be a ten minute job has so far taken several days of investigation and to compound the problem we have now discovered that session IDs can apparently be faked, see http://blogs.sans.org/appsecstreetfighter/2009/06/14/session-attacks-and-aspnet-part-1/ I'm left thinking there is no easy way to do this very simple job, but I find that impossible to believe. Could anyone: a) provide simple information on how to make ASP.NET MVC sessions secure as I always believed they were? b) suggest another simple way to store these two string variables for a logged in user's roles etc. without having to replace one complex nightmare with another as described above? Thank you.

    Read the article

  • Rails 2.3 session

    - by Sam Kong
    Hi, I am developing a rails 2.3.2 app. I need to keep session_id for an order record, retrieve it and finally delete the session_id when the order is completed. It worked when I used cookies as session store but it doesn't for active_record store. (I restarted my browser, so no cache issue.) I know rails 2.3 implements lazy session load. I read some info about it but am still confused. Can somebody clarify how I use session_id for such a case? What I am doing is... A user make an order going through several pages. There is no sign-up, neither login. So I keep session_id in the order record so that no other user can access the order. @order = Order.last :conditions = {:id = params[:id], :session_id = session[:session_id] } When the order is finished, I set nil to session_id column. How would you implement such a case in lazy session(and active_record store) environment? Thanks. Sam

    Read the article

  • jQuery Collapse (with cookies), default open instead of closed?

    - by Christian
    Hi. I've got a jQuery snippet which basically allows a user to toggle a div, open or closed - their preference is saved in a cookie. (function($) { $.fn.extend({ collapse: function(options) { var defaults = { inactive : "inactive", active : "active", head : ".trigger", group : ".wrap-me-up", speed : 300, cookie : "collapse" }; // Set a cookie counter so we dont get name collisions var op = $.extend(defaults, options); cookie_counter = 0; return this.each(function() { // Increment cookie name counter cookie_counter++; var obj = $(this), sections = obj.find(op.head).addClass(op.inactive), panel = obj.find(op.group).hide(), l = sections.length, cookie = op.cookie + "_" + cookie_counter; // Look for existing cookies for (c=0;c<=l;c++) { var cvalue = $.cookie(cookie + c); if ( cvalue == 'open' + c ) { panel.eq(c).show(); panel.eq(c).prev().removeClass(op.inactive).addClass(op.active); }; }; sections.click(function(e) { e.preventDefault(); var num = sections.index(this); var cookieName = cookie + num; var ul = $(this).next(op.group); // If item is open, slide up if($(this).hasClass(op.active)) { ul.slideUp(op.speed); $(this).removeClass(op.active).addClass(op.inactive); $.cookie(cookieName, null, { path: '/', expires: 10 }); return } // Else slide down ul.slideDown(op.speed); $(this).addClass(op.active).removeClass(op.inactive); var cookieValue = 'open' + num; $.cookie(cookieName, cookieValue, { path: '/', expires: 10 }); }); }); } }); })(jQuery); Demo: http://christianbullock.com/demo/ I'm just wondering how I can display the list open as default, and have the div collapse when the header is clicked? Many thanks. Christian.

    Read the article

  • Session Variable Not Being Updated? ASP.NET

    - by davemackey
    I have a three step wizard. On the first step I use a repeater to create a series of buttons that an individual can select from. When the user selects one of the buttons the value of the button is saved to session state. They are taken to the next step and shown a similar list of buttons that are based on what they previously selected. Thus, if you choose "Hamburger" you might receive the options of "onion", "lettuce", "tomato" while if you choose "Hot Dog" you might receive "sauerkraut" and "ketchup". Lets say an individual chooses Hamburger. This is saved into session state like so: Public Sub Button_ItemCommand(ByVal Sender As Object, ByVal e As RepeaterCommandEventArgs) ' ******** Lets pass on the results of our query in LinqDataSource1_Selecting. Session("food_select") = RTrim(e.CommandName) Wizard1.ActiveStepIndex = 1 End Sub Now, this works fine and dandy. But lets say I select hamburger and then realize I'm really hankering for a hot dog. I go back to the first wizard step and click on the hot dog button - but when the wizard progresses to the next step I still see the options for hamburgers! The session variable has not been updated. Why? Thanks!

    Read the article

  • "Session is Closed!" - NHibernate

    - by Alexis Abril
    This is in a web application environment: An initial request is able to successfully complete, however any additional requests return a "Session is Closed" response from the NHibernate framework. I'm using a HttpModule approach with the following code: public class MyHttpModule : IHttpModule { public void Init(HttpApplication context) { context.EndRequest += ApplicationEndRequest; context.BeginRequest += ApplicationBeginRequest; } public void ApplicationBeginRequest(object sender, EventArgs e) { CurrentSessionContext.Bind(SessionFactory.Instance.OpenSession()); } public void ApplicationEndRequest(object sender, EventArgs e) { ISession currentSession = CurrentSessionContext.Unbind( SessionFactory.Instance); currentSession.Dispose(); } public void Dispose() { } } SessionFactory.Instance is my singleton implementation, using FluentNHibernate to return an ISessionFactory object. In my repository class, I attempt to use the following syntax: public class MyObjectRepository : IMyObjectRepository { public MyObject GetByID(int id) { using (ISession session = SessionFactory.Instance.GetCurrentSession()) return session.Get<MyObject>(id); } } This allows code in the application to be called as such: IMyObjectRepository repo = new MyObjectRepository(); MyObject obj = repo.GetByID(1); I have a suspicion my repository code is to blame, but I'm not 100% sure on the actual implementation I should be using. I found a similar issue on SO here. I too am using WebSessionContext in my implementation, however, no solution was provided other than writing a custom SessionManager. For simple CRUD operations, is a custom session provider required apart from the built in tools(ie WebSessionContext)?

    Read the article

  • PHP does not store all variables in session

    - by Flurin Juvalta
    Dear all I'm assigning session variables by filling the $_SESSION - Array throughout my script. My problem is, that for some reason not all variables are available in the session. here is a shortened version of my code for explaining this issue: session_start(); print_r($_SESSION); $_SESSION['lang'] = 'de'; $_SESSION['location_id'] = 11; $_SESSION['region_id'] = 1; $_SESSION['userid'] = 'eccbc87e4b5ce2fe28308fd9f2a7baf3'; $_SESSION['hash'] = 'dce57f1e3bc6fba32afab93b0c38b662'; print_r($_SESSION); first call prints something like this: Array ( ) Array ( [lang] => de [location_id] => 11 [region_id] => 1 [userid] => eccbc87e4b5ce2fe28308fd9f2a7baf3 [hash] => dce57f1e3bc6fba32afab93b0c38b662 ) the second call prints: Array ( [lang] => de [location_id] => 11 [region_id] => 1 ) Array ( [lang] => de [location_id] => 11 [region_id] => 1 [userid] => eccbc87e4b5ce2fe28308fd9f2a7baf3 [hash] => dce57f1e3bc6fba32afab93b0c38b662 ) As you can see, the important login information is not stored in the session. Does anybody has an idea what could be wrong with my session? Thanks for your answers!

    Read the article

  • ASP.Net Session Storage provider in 3-layer architecture

    - by Tedd Hansen
    I'm implementing a custom session storage provider in ASP.Net. We have a strict 3-layer architecture and therefore the session storage needs to go through the business layer. Presentation-Business-Database. The business layer is accessed through WPF. The database is MSSQL. What I need is (in order of preference): A commercial/free/open source product that solves this. The source code of a SqlSessionStateStore (custom session store) (not the ODBC-sample on MSDN) that I can modify to use a middle layer. I've tried looking at .Net source through Reflector, but the code is not usable. Note: I understand how to do this. I am looking for working samples, preferably that has been proven to work fine under heavy load. The ODBC sample on MSDN doesn't use the (new?) stored procs that the build in SqlSessionStateStore uses - I'd like to use these if possible (decreases traffic). Edit1: To answer Simons question on more info: ASP.Net Session()-object can be stored in either InProc, ASP.Net State Service or SQL-server. In a secure 3-layer model the presentation layer (web server) does not have direct/physical access to the database layer (SQL-server). And even without the physical limitations, from an architectural standpoint you may not want this. InProc and ASP.Net State Service does not support load balancing and doesn't have fault tolerance. Therefore the only option is to access SQL through webservice middle layer (business layer).

    Read the article

  • Codeigniter Inputting session data from model for a simple authentication system

    - by user1616244
    Trying to put together a simple login authentication. Been at this for quite sometime, and I can't find where I'm going wrong. Pretty new to Codeigniter and OOP PHP. I know there are authentication libraries out there, but I'm not interested in using those. Model: function login($username, $password){ if ($this->db->table_exists($username)){ $this->db->where('username', $username); $this->db->where('password', $password); $query = $this->db->get($username); if($query->num_rows >= 1) { return true; $data = array( 'username' => $this->input->post('username'), 'login' => true ); $this->session->set_userdata($data); } } } Controller function __construct(){ parent::__construct(); $this->logincheck(); } public function logincheck(){ if ($this->session->userdata('login')){ redirect('/members'); } } If I just echo from the controller: $this-session-all_userdata(); I get an empty array. So the problem seems to be that the $data array in the model isn't being stored in the session.

    Read the article

< Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >