#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2011
    Posts
    198
    Rep Power
    3

    Storing Data To Config File


    Hi,

    I am having some problems trying to store data into a config file in Codeigniter

    The Problem
    The session data grows too big and seems to exceed the 4kb which is the cookie max size. As a result for example flashdata stops working.

    Why It Happens
    It seems that config variables are added 4 times into the session inside of following objects:
    - CI_Hooks Object (should be turned off)
    - CI_Utf8 Object
    - MY_Router Object (used for replacing '_' with '-' in URL)
    - CI_URI Object

    Interestingly the hooks object is present even if the functionality is turned off in the config file: $config['enable_hooks'] = FALSE;

    [B]Questions[/B]
    01 - how do you store config data without it being multiplied in the session?
    02 - also, why does the hooks object seem to be enabled when it has been disabled in the config?

    Other Details
    - CI_VERSION 2.1.3
    - Session library is autoloaded
    - Sessions are stored into db
    - Session cookie is encrypted
    - Config files are loaded in the pages where they are used, mainly inside constructors
    - The config data is not huge and would fit very well to 4kb if it wasn't multiplied


    Session data ( print_r($this->session) ) :
    [hooks] => CI_Hooks Object ( [enabled] => [hooks] => Array ( ) [in_progress] => ) [config] => CI_Config Object ( [config] => Array...


    Thanks in advance for your help, it would be much appreciated...
  2. #2
  3. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,853
    Rep Power
    6351
    Session data isn't stored in the cookie. Are you using cookies instead of sessions? That would be a bad thing, and a security concern.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2011
    Posts
    198
    Rep Power
    3
    Hi, thanks for your reply...

    The Session class stores session information for each user as serialized (and optionally encrypted) data in a cookie. Here is how i have it done:

    http://ellislab.com/codeigniter/user-guide/libraries/sessions.html
  6. #4
  7. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,853
    Rep Power
    6351
    Don't do that. That's the solution to your problem. Use sessions for session. Sessions are server-side and don't make a round-trip with every request, and they can't be modified or edited by the user.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2011
    Posts
    198
    Rep Power
    3
    But the user cannot modify the cookie as it is encrypted:

    "If you have the encryption option enabled, the serialized array will be encrypted before being stored in the cookie, making the data highly secure and impervious to being read or altered by someone. More info regarding encryption can be found here, although the Session class will take care of initializing and encrypting the data automatically."
  10. #6
  11. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,853
    Rep Power
    6351
    Without looking at their "encryption" method, I don't believe them.

    Also, my other statements still stand: large cookies increase the size of the packets required for every request, increasing your net traffic and slowing down your site. Also, large cookies are your problem. You identified your problem as a cookie which is too large. The solution to that is "stop making your cookie so large." You're storing "session" data in the cookie, and that's wrong for a number of reasons, one of them being "it causes the problem you say you're having."

    I don't know what else to say.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  12. #7
  13. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,317
    Rep Power
    7170
    Don't store CI objects inside a session, only store the values. That's why you're ending up with a bunch of weird objects inside your session, because the CI config object has references back to the CI core, and when you serialize it into a session all of those references get dereferenced and serialized too.

    If you actually had DB sessions enabled then you shouldn't be running into a cookie size limit; the only data stored in the cookie should be the session ID information. I would double check your config and make sure you actually have that turned on.

    The default method of session storage that CI uses is dumb. Storing session data encrypted in a cookie is just a plain stupid design decision on their part.

    So to summarize:
    * Don't store CI_Config objects in the session, only store raw values
    * Make sure you actually have DB sessions enabled
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around

IMN logo majestic logo threadwatch logo seochat tools logo