A month back I had written about why your session might not be setting, even though you had set every thing as per the book. This time I am writing about a new problem that I faced with sessions.
I recently faced a problem, where for some reason website would not remember session data for some users. They Log in, get to the home page, but the moment they click any other link they are logged out and taken back to login page.
Interesting thing is, this happens for both Firefox and Internet Explorer.
When I used the users credentials I was able to log in perfectly on my machine. When I passed him my credentials to try, and it failed on his machine.
I have faced this problem with both Joomla and Codeigniter framework.
Initially we thought it would be a problem with just his browser’s cookie setting, so we got him to reduce the web browsers security setting to low, So that it allows for cookie acceptance. As it turns out, it was not the problem with cookies either.
In both (Joomla and Codeigniter) the problem came down to one thing “IP Address”.
We had set for Codeigniter to match the IP address for session requests(it happens by default in Joomla). My stupid assumption was that IP Address will not change between requests, but as it turns out for some of these users, IP address does change in between two requests.
We had used this technique as a way to avoid hackers from hijacking users session.
Anyways the moment we disabled the IP address check, sessions started working for them properly.
So, next time you have a problem with your session breaking in between for no apparent reason, remember to verify IP Address check.
Have you faced this problem? Let us know how did you solve it in comments below.