Flourish PHP Unframework
This is an archived copy of the forum for reference purposes

Using fSession and fAuthorization together.

posted by sumsingcorprait 10 years ago

Your library has been great so far, being very comprehensive and well documented. However, fSession and fAuthorization do not seem to work together for me. In the config file included by every page, when I set: 

fSession::setPath('E:\\blah\\blah');
fSession::setLength('2 days');
fSession::ignoreSubdomain();

Then fAuthorization stops working across pages.

I noticed that every time I use my login script, two session files are created at E:
blah
blah, one of them blank and the other containing the authentication and session data which I need. Is this normal, or a sign of error that I am doing something wrong?

The symptoms you are describing do seem odd, almost as if you are calling fAuthorization methods before configuring the session.

Can you put the following code before your fSession method calls? It should output the state of the $_SESSION superglobal. In your case it should show {null}. 

fCore::expose($_SESSION);
posted by wbond 10 years ago

Thanks for your reply. Using the expose() method and some debugging, I found where the problem is coming from.

The problem is that every time fSession::get() is called, a new, blank session file is being created in the session path. The method fSession::set() works just fine, but whatever I set with it can't be read by get() due to this issue.

Any ideas?

posted by sumsingcorprait 10 years ago

Nevermind, I fixed the problem. I still do not know why Flourish kept creating those blank session files, but simply not setting fSession::setPath() worked for me. The reason things kept getting confusing was that when debugging using fCore::expose(), I forgot that I needed to manually call session_start().

Thanks for your help and best wishes towards your library's success.

SC

posted by sumsingcorprait 10 years ago

Interesting about the fSession::setPath(). If you have a chance, can you try re-enabling that call and after you start the session run the following code: 

fCore::expose(session_save_path());

This should output that directory that you set in fSession::setPath().

posted by wbond 10 years ago

I'm getting a blank session file as well. I have the same exact setup as sumsingcorprait. After I login I have one blank file and one file with actual session data. I checked fCore::expose(session_save_path()); and it is returning what I expect, the session storage directory I setup.

Not sure how not setting fSession::setPath(); fixes it? I thought that was required? Mine is in my config file for every page.

Any ideas?

posted by vanny 8 years ago

Strange... not sure if this is helpful, but I was running a few scenarios trying to isolate the behavior.

Edit: If I login after being redirected from a page with fAuthorization::requireLoggedIn(); There is no blank file at all, instead there is a session with some url redirection data. Perhaps the empty file has something to do with that?

Scenario one If I login and then logout by only calling fAuthorization::destroyUserInfo(); The empty session file is created (on login) and hangs around after logout. This same file will hang around unmodified, a new one is only created if a manually delete the empty file.

Scenario two If if I repeatedly login and logout with fAuthorization::destroyUserInfo(); and fSession::destroy(); a new empty session file is created each time.

posted by vanny 8 years ago