Tracking down mysterious session-ending bug - codeigniter

I'm using Codeigniter/PyroCMS which uses ion_auth.
I have my session stuff set for two hours. I'm using db sessions.
There is a gremlin somewhere that is booting the session after n minutes, sometimes. It is very random, and as such is hard impossible to reliably reproduce.
I've added log entries to the Session class (specifically sess_destroy) but that merely logs the session being destroyed, which I already knew.
I tried to add a debug_backtrace() into said log entry, but that aint jiving with teh codes (it doesn't get logged/it spits it onto the screen for a split second before the !session redirect).
Is there a good/proper way to track this down?
Thanks guise.
update: I added a few more log entries in Session.php Turns out the db session is being deleted/overwritten incorrectly. WHAI?

This seems a problem quite common. I have used (and happily accepted as recommendation)
Codeigniter's Native session (there is a download link at the bottom)
BUT, due that it is an old library you MUST made some hacks. You can check those simple hacks in the library's forum
Just drop this file in codeigniter's library directory and see if resolve your problem. Please feedback.

Sounds like your session cookie is prematurely expiring. Start by checking the settings in your config file for your session related stuff. Namely the $config['sess_expiration'] value, which defaults to 7200. Which is 2 hours.
Then check your php.ini, which I believe defaults to 3600. (1 hr)
Otherwise, I would say that if your code is on a unix system, try a
grep -Rn 'sess_destroy' .
The other thing you might want to look for is anyplace that is attempting to possibly write NULLs or empty values to the session. It's possible that you don't have a sess_destroy anywhere, but that you could have something to the effect of unset($_SESSION).
Hope this helps.

It appears to have been an issue with the server and resolve.conf mapping things incorrectly.

Related

Issues with Swashbuckle

I have a WebAPI service, written in ASP.NET (not Core), for which I am trying to generate documentation, in order to allow other devs to use it. I found Swashbuckle, and installed it. Then, since I also use OData for some of my services, I added Swashbuckle.OData. Then, I modified the CustomProvider setting in SwaggerConfig to use the ODataSwaggerProvider. I also set ResolveConflictingActions(apiDescriptions => apiDescriptions.First()) because I had a few Actions with the same URL path, differing only by query string (I'll need to address that later). So far so good.
Then, I tested it. I started my web app, then added "/swagger/" to then end. I got a message stating that it was loading the resource info. However, after several minutes, I got a browser error debug popup, stating "Error: Not enough storage is available to complete this operation." It asks if I want to debug, and if I do, it takes me to the debugger in IE (the browser I'm using). The only code in the stack is either from jquery-1-8-0-min-js or swagger-ui-min-js (this part confuses me, as there is no "swagger-ui-min-js" file in my project; I'm assuming it's embedded in the dll). There is no part of the stack trace that floats back up to my code, and all the code there is minified, so it's very difficult to debug.
However, I do know that it is at least partially working, as three of the controllers do show up in the resulting page after you close the error popup. You can navigate through them, and all the GETs, POSTs, PUTs, and DELETEs seem to be there, and you can test them.
Is it the case that whenever you navigate to the "/swagger/" url, Swagger hits all the URLs in the service, in order to generate the documentation? I'm wondering if maybe it is hitting an action that is taking a particularly long time to run, or possibly its generated documentation is taking too much disk space (I have plenty of space on my disk, but maybe it is referring to RAM?).
Anyway, even if that were not an issue, how can I get it to generate something, some kind of document file, that I can send off to someone? I see no new files added to my folders, so it would seem that it re-does the whole process every time you navigate to the swagger URL.
When I tried the Chrome browser, I no longer had the issue (I was using IE11 before). Not sure what the problem was, but this was the workaround.

I am setting up a RETS MLS program using phrets and just wondered what the heck the disable follow location means?

I am setting up a RETS MLS program using phrets and just wondered what the heck the disable follow location means?
$config = new \PHRETS\Configuration;
$config->setLoginUrl('*****************');
$config->setUsername('****');
$config->setPassword('****');
$config->setUserAgent('****');
$config->setRetsVersion('1.7.2');
$config->setOption('disable_follow_location',false);
$config->setOption('use_post_method',true);
$rets = new \PHRETS\Session($config);
There was an old feature in PHP called "safe mode" which, when enabled, would complain if something was using cURL in a way where it would automatically follow server-given redirects. That option was added so that in instances where it wasn't needed (I've never seen it actually used by RETS servers, but it's defined as something RETS clients need to expect), it could be turned off to hide the warning. It should be safe to ignore nowadays with recent versions of PHP.
I'll likely remove that pretty soon just to clean it up.

Leave a self-joined session

I understood by reading the source code that the method leaveSession of the BusAttachment can't be called on a self-joined session. So, how to leave a self-joined session?
Does the call fail? This may be an issue where the documentation is inconsistent with the code. The Java bindings merely call the C++ code, and the C++ code doesn't appear to have a problem leaving self-joined sessions.
I was also having a problem when using the leaveSession method. The error I get from the bus is:
ER_ALLJOYN_LEAVESESSION_REPLY_NO_SESSION
However, when I use the leaveHostedSession, the host leaves the session with success.
Mind that the session lost event will not be fired at the clients if more than one client remains in the session.

Laravel Multi Domain Session

I am not a superb developer, so I guess the problem I did run into is just to big for me.
I have a project where I have different subdomains for the current language. When I login a user it is logged only for the current subdomain. So when I login at "en.Aproject.com", and then go to "de.Aproject.com", the user will not be logged in. They don't share the session. I already tried to modify the 'domain' => null, in app/sessions.php. But when I change the value here the Login doesn't work at all. Then everytime a new Session-row is created in the DB and Laravel seems not to recognize them.
Is the current domain saved somehow in the session identifier? Is it possible to use one session for different domains? I found some stuff about OAuth and Single sign-on but I can not handle it by myself.
I was thinking about (when logging in and the credentials are correct) calling a script via Ajax, which should log in the user for all needed domains. But I would have to do the same for logging out.. And I will probably have a lot of domains. The project will have one base page and several subprojects (all with the different languages). Like this
mainproject.com
en.mainproject.com
de.mainproject.com
...
Aproject.com
en.Aproject.com
de.Aproject.com
...
Bproject.com
en.Bproject.com
de.Bproject.com
...
So it would just feel wrong to log in the user to like 20 different pages and create 20 sessions... It would feel better to just use one session for all of them.
Okay, I hope you understand the problem and someone already had the same problem and found a solution. Thanks!!!!!!!! greets. gerti
Background info.. I am using Laravel 4.2
Now I just tried something, maybe it helps someone. Actually point 2 is weird to me (see below)
I display these 3 things:
Session::getId()
Auth::getName()
var_dump(Session::all())
I display them on "de.Aproject.com". Here I am logged in.
And i display them on "en.Aproject.com"... Where I am still logged out (which I want to fix :D )
The value of Session::getId() is different on both sides. Thats the problem I guess, they should share the same.
The value of Auth::getName() is the same on both sides (login_82e5d2c56bdd0811318f0cf078b78bfc). Which I don't understand. Why does the second page have this value when i am not logged in?
The value of Session::all() is ["login_82e5d2c56bdd0811318f0cf078b78bfc"] => string(17) "test#test.de" on the first site, on the second its empty. Thats correct.
Since the default Laravel authentication system uses cookies to manage the session, you actually need to login the user on each subdomain you're going to use. To avoid that, you can use another session driver like database.

Handle concurrent file download with flex/blazeDs/Spring

I'm currently working on a Flex3/blazeDS/Spring/MySQL project.
In this, some users needs to download some import logs. Problem is that given the singleton concept around spring, if 2 users ask for a download at the same time, the servlet responsible for export file creation may cross content between the 2 asked files.
I'm not that much familiar with spring but from what i've been reading around it seems that the solution lies in saying that the servlet is in "Request" scope so there will be a new one created for each download request instead of having a singleton.
Does anyone have ever done something like this before? Every tutorials i've seen so far explains how to handle file download request but it never talks about the fact that 2 users asking for a download may have some issues...
Thanks for any leads on how to fix this.
Each user will receive his own thread, and you should not have any problems unless using member variables (which is a bad practice anyway). If not, I do not see any problem, but it would help if you can post your code.

Resources