1

I've recently inherited a working websites code, designed with PHP in CodeIgnitor and I'm trying to develop it further. When trying to run it locally (xampp), I've been encountering a problem:

The code builds fine and brings me to the login-page. There I log in using ion-auth, which successfully continues, saves a session (this works) and continues to the landingspage. Yet, as soon as any page is loaded after logging in, it instantly logs the user out and navigates back to the login-page.

The only things changed in code compared to the live website is the database it connects to, the base URL and some navigation. What could be the issue here? Would this be an issue with xampp, ion-auth or some configuration?

// log the user in
public function login()
{
    $this->data['title'] = $this->lang->line('login_heading');

    // validate form input
    $this->form_validation->set_rules('identity', str_replace(':', '', $this->lang->line('login_identity_label')), 'required');
    $this->form_validation->set_rules('password', str_replace(':', '', $this->lang->line('login_password_label')), 'required');

    if ($this->form_validation->run() == true)
    {
        // check to see if the user is logging in
        // check for "remember me"
        $remember = (bool) $this->input->post('remember');

        if ($this->ion_auth->login($this->input->post('identity'), $this->input->post('password'), $remember))
        {
            // if the login is successful
            // redirect them back to the home page
            $this->session->set_flashdata('message', $this->ion_auth->messages());
            redirect('/', 'refresh');
        }
        else
        {
            // if the login was un-successful
            // redirect them back to the login page
            $this->session->set_flashdata('message', $this->ion_auth->errors());
            redirect('auth/login', 'refresh'); // use redirects instead of loading views for compatibility with MY_Controller libraries
        }
    }
    else
    {
        // the user is not logging in so display the login page
        // set the flash data error message if there is one
        $this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');

        $this->data['identity'] = array('name' => 'identity',
            'id'    => 'identity',
            'type'  => 'text',
            'value' => $this->form_validation->set_value('identity'),
        );
        $this->data['password'] = array('name' => 'password',
            'id'   => 'password',
            'type' => 'password',
        );

        $this->_render_page('auth/login', $this->data);
    }
}

As Martin suggested, I tried out session_start(); which displayed the following:

A PHP Error was encountered
Severity: Warning

Message: ini_set(): A session is active.
You cannot change the session module's ini settings at this time

Filename: Session/Session.php

Line Number: 281

Backtrace:

File: C:\Programs\xampp\htdocs\modules\applications\azdemo\controllers\Shared.php
Line: 8
Function: __construct

File: C:\Programs\xampp\htdocs\modules\customers\azdemo\index.php
Line: 315
Function: require_once
Wouter Vanherck
  • 2,070
  • 3
  • 27
  • 41
  • likely a session issue, hard to diagnose. you'd have to narrow down the potential issues. – Alex Aug 30 '18 at 07:12
  • You say that the session is successfully set, and that you do access the landing page fine upon logging in, however, upon loading another page you get logged out etc. etc. Have you double checked that the other pages loading has `session_start();` declared? Just to make sure. – Martin Aug 30 '18 at 07:12
  • Basically go through these exact steps mentioned in the answer in this post: https://stackoverflow.com/questions/17242346/php-session-lost-after-redirect if the problem persists, let us know. – Martin Aug 30 '18 at 07:14
  • @Martin I've tried the mentioned steps as best as I could, but they didn't seem to work out. Also, adding session_start(); displays an error, which I've included in the question. – Wouter Vanherck Aug 30 '18 at 10:17
  • @WouterVanherck Alright, looks like sessions are set then. Did you follow all the other steps in the post I linked? – Martin Aug 30 '18 at 10:26
  • @Martin Yeah, I've actually checked out most of the answers in the thread you linked. Can't seem to make it work. Number 7 of that post looked the most promissing but I'm not sure if this is actually the issue. I could post more code if you'd point out what you could use – Wouter Vanherck Aug 30 '18 at 11:13
  • what driver you set on `$config['sess_driver']` ? – ichadhr Sep 03 '18 at 11:44
  • @ichadhr `$config['sess_driver'] = 'files';` – Wouter Vanherck Sep 03 '18 at 11:46
  • you need carefully [read this](https://www.codeigniter.com/userguide3/libraries/sessions.html#id17), and make sure what you set in `sess_save_path` must writeable and readble. – ichadhr Sep 03 '18 at 12:00

2 Answers2

1

Hey so I've faced the same problem. It's related to ion-auth support for php5.6 and php7.2

They use different hashing techniques for different php versions. If you have upgraded your php version you might want to check the ion-auth config files and update the hashing method too.

Here's a bit from the ion auth documentation:

You can choose between bcrypt (from PHP 5.3) or argon2 (from PHP 7.2)

Link to the documentation: ION-Auth

Let me know if it helps and do upvote if you find it useful!

Gaurav Kanted
  • 115
  • 1
  • 1
  • 10
  • 1
    It's been a while and I can't confirm the exact issue, but I checked with the colleague who inherited the project. We were able to keep bcrypt, but might have had to change some configs, so yeah this might have been the solution. Thanks! – Wouter Vanherck Jan 04 '21 at 12:39
0

Temporary solved this issue by downgrading from php7.2.6 to php5.5.38. Might be the case that some libraries need to be upgraded. I've also switched from xampp to mamp pro 4 because of local domain issue's and the fact that you can't downgrade xampp's php version as easily.

Hope this helps someone in the future.

Wouter Vanherck
  • 2,070
  • 3
  • 27
  • 41