I've had the same problem, and I think the problem was in the fix for ticket #3133. Session IDs are regenerated with every page request, however it isn't carrying over the data with that new session id. Therefore all session information is being lost with each page request.
I've added a ticket for this in CakePHP trac: https://trac.cakephp.org/ticket/3694 On Nov 21, 7:22 am, keymaster <[EMAIL PROTECTED]> wrote: > Saw this note from phpnut in bug #3507 on trac: > > ============= > Added id() to Session helper and component to return current Session > id, the component accepts a $id parameter to force setting the Session > id which must be called in a Controller::beforeFilter(). > > Sessions id are not longer renewed if a request is from Ajax, or from > requestAction(); > > When Security.level (1.2) or CAKE_SECURITY (1.1) is set the 'high' > renewing of Session id only happens if request is 2 seconds after the > last request. > > Added $_Session[Config][timeout] which forces renewing Session if > request are within the 2 second limit and over 10 request. If an > application is expected to make multiple request (more than 10) to the > server in a single proccess, Configure::write('Security.level', > 'medium'); (1.2) or $this->Session->security = 'medium'; (1.1) should > be used in a beforeFilter for the specific methods. > ============= > > Anyone understand what this means for ajax requests when CAKE_SECURITY > is high in 1.18? Do we need to change any of our session handling and/ > or ajax code? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
