Hell all, I'm having a curious issue where my session is being lost
randomly in the administration section of my CMS, in IE & FireFox.
They will be editing this VIA the admin and when they hit submit to
save their changes their session is lost and they are redirected to
the log in screen.
Session.checkAgent is false, Security.level is low, and sessions are
being saved VIA PHP. I don't use ACL, however I have a very simple log
in method and check method. Which cut down to a short version grabs
the username and password being submitted compares it to the records
in the database and if so follows through accordingly and saved the
user_id and group_id in the session, and the database in the sessions
table, which only holds the user_id and timestamp, which is then
checked when pages are being loaded that need protection, etc. Simple
right?
$this->checkAuth(1);
function checkAuth($group_id) {
$result = $this->Session->read('User');
if (empty($result)) {
$this->Session->destroy();
$this->redirect(array('controller' => 'users', 'action' =>
'login'));
} else {
$this->{$this->modelClass}->query("DELETE FROM sessions WHERE
user_id=".$result['User']['id']);
$this->{$this->modelClass}->query("INSERT INTO
sessions(user_id,time) VALUES(".$result['User']['id'].",
".time().")");
}
if ($result['User']['group_id'] == $group_id) {
return true;
}
$this->redirect(array('admin' => false, 'controller' => 'users',
'action' => 'denied'));
}
There is another scrip that runs every 15 minutes that deletes
everything in the sessions table.
I've checked the error and debug logs, nothing shows up. I've asked
the client to clear their browser history, temp files, etc and
restart, the problem still exists.
Has anyone else had this issue? Is it possibly my code? I'm a bit at
my end here as I've checked everything I can think of and am no closer
to solving than I was at t he beginning. Any help or ideas would be
gratefully appreciated.
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
[email protected] For more options, visit this group at
http://groups.google.com/group/cake-php
