CI_Session

swampthang

I have a real quandary and am hoping someone can help me figure out what's happening. This is a game site that is set up as a promotional game service. People wanting to play games for prizes are sent to the game page and if not signed up or logged in, a ci_session (being stored in the ci_sessions table) is used to snag the url and a few other pieces of info like the promoter's id from uri segments, etc. Once a player signs up, and they log in, they're redirected straight to the game page.

It all works perfectly on my local server setup - using MAMP PRO on a macbook pro. The remote server is a linux box running the exact same version of php (5.2.17 -> http://www.mypromogame.com/info.php) as I have on my box.

When you go to:
http://www.mypromogame.com/scratch_and_win/1/joe_blow_scratch_and_win

You'll be redirected to:
http://www.mypromogame.com/auth

From there, clicking the link that says, "If you haven't yet signed up to play click here!" takes you to:
http://www.mypromogame.com/signup

There you see the following 500 error page:

---

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, webmaster@mypromogame.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at www.mypromogame.com Port 80

---

The other thing is that if no cookies/session vars have been set, you can successfully link to the signup page.

Looking at the error_log I see the following error:

---

27446 13:05:01 write(2, "[Mon May 06 13:05:01 2013] [error] [client 216.110.94.228] Premature end of script headers: index.php, referer: http://www.mypromogame.com/auth\n", 144) = 144

---

I have ChromePhp debugger installed and am seeing the session data in the auth page.

There are no real php errors and, like I said, it all works perfectly on my local install.

Has anyone else had problems with this kind of thing? I'm getting no help from the server techs.
Here's the function in the scratch_and_win.php controller that sets the session vars:
public function player_logged_in() { // check to see if the player has logged in and redirect if not $CI =& get_instance(); $CI->load->library('session'); if(!$CI->session->userdata('authorized')) { $authorized = FALSE; $CI->session->set_userdata( 'redirect_url', current_url() ); /** * redirect_url will look something like this: * http://promoter.mypromogame.com/scratch_and_win/1/joe_blow_scratch_and_win * seg1 is game, seg2 is client_id and seg3 is client-given game name uri */ $seg2 = $this->uri->segment(2); $seg3 = $this->uri->segment(3); $CI->load->model('client_games_model'); $game = $CI->client_games_model->find_one_by_permalink_and_client_id($seg3, $seg2); $game_id = $game['id']; $CI->session->set_userdata('game_id', $game_id); $CI->session->set_userdata('client_id', $seg2); } else { // the player session is set $authorized = $CI->session->userdata('authorized'); } return $authorized; }This is the code in the auth.php view that checks for the redirect_url session var:<?php $CI =& get_instance(); // check to see if a restricted page was attempted prior to login. If so, there will be a redirect_url session variable set on the game page $redirect_url = $CI->session->userdata('redirect_url'); if(!empty($redirect_url)) { ChromePhp::log('redirect_url: '.$redirect_url); /** * first, check to see if there's a game_id session variable and then * need to see if there's a custom promoter-entered header image. * */ $game_id = $CI->session->userdata('game_id'); if($game_id) { $CI->load->model('client_games_model'); $signup_header_image = $CI->client_games_model->get_signup_header_image($game_id); } }
Here's the code in the signup controller that checks for the session
<?php class Signup extends CI_Controller { public $vars = array(); function __construct() { parent::__construct(); } function index() { // $this->load->library('session'); $CI =& get_instance(); $this->load->library('form_builder',array('form_attrs' => 'method="post" name="frm_signup" id="frm_signup" action="/signup"', 'submit_value' => '<input type="submit" value="Sign up" name="submit" class="button" />', )); $signup_power_plays = 0; $client_id = 0; // give value of zero to default to NOT a promoter and then check to see if a promoter frame was involved $promoter = $this->get_promoter_from_session(); if($promoter) { $signup_power_plays = $promoter['signup_power_plays']; $client_id = $promoter['id']; } if (!empty($_POST)) { // a little security precaution - only allow submission from this server $sess_randnum = $CI->session->userdata('randnum'); // randnum session var is set in $this->set_fields() if(isset($sess_randnum) && isset($_POST['randnum'])) { $submit_randnum = $_POST['randnum']; if($sess_randnum != $submit_randnum) { redirect('auth'); } } else { redirect('auth'); } if ($this->_process($_POST)) { $CI->session->set_flashdata('success', TRUE); redirect('auth'); } } else { $vars['msg'] = ""; ChromePhp::log('FROM NON-POST VARS -> signup_power_plays: '.$signup_power_plays . " - client_id: ". $client_id); $this->set_fields($signup_power_plays, $client_id); // $vars['form'] = $this->form_builder->render(); // $vars['form'] = $this->form_builder->render_template('_blocks/signup_form.php'); $vars['form'] = $this->form_builder->render_divs(); $this->fuel->pages->render('signup', $vars); } } public function get_promoter_from_session() { $CI =& get_instance(); //$game_id = $CI->session->userdata('game_id'); $client_id = $CI->session->userdata('client_id'); if(!empty($client_id)) { $promoter = $this->get_promoter($client_id); ChromePhp::log($promoter); if($promoter) { //$signup_power_plays = $promoter['signup_power_plays']; return $promoter; } else { return FALSE; } } }

admin

Hmm... not sure. Here's a few Google links that may help:
http://galleryproject.org/node/8955
http://stackoverflow.com/questions/4336757/500-server-error-premature-end-of-script-headers
http://www.perlmonks.org/?node_id=24447
http://www.liquidweb.com/kb/apache-error-premature-end-of-script-headers/

swampthang

Thanks. I sent those links to the server admin and somehow he fixed it. Started working. Will try to find out and post here exactly what he did for anyone else who might have trouble with this issue. I know it's not directly related to Fuel but it is a CI session issue. One of the things I've seen as a general consensus is that it's generally better to store ci_session stuff in the database which I had already done in this case. However, if anyone needs to know, all you have to do is create the ci_sessions table:
CREATE TABLE IF NOT EXISTS `ci_sessions` ( session_id varchar(40) DEFAULT '0' NOT NULL, ip_address varchar(45) DEFAULT '0' NOT NULL, user_agent varchar(120) NOT NULL, last_activity int(10) unsigned DEFAULT 0 NOT NULL, user_data text NOT NULL, PRIMARY KEY (session_id), KEY `last_activity_idx` (`last_activity`) )
Then, go in to /fuel/application/config/MY_config.php and add this line:
$config['sess_use_database'] = TRUE;
That's it. Doing that will cause sessions to be stored in the ci_sessions table. If you look in /fuel/application/config/config.php around line 247 you'll see the following:
$config['sess_cookie_name'] = 'ci_session'; $config['sess_expiration'] = 7200; $config['sess_expire_on_close'] = TRUE; $config['sess_encrypt_cookie'] = TRUE; $config['sess_use_database'] = FALSE; $config['sess_table_name'] = 'ci_sessions'; $config['sess_match_ip'] = FALSE; $config['sess_match_useragent'] = TRUE; $config['sess_time_to_update'] = 300;

That gives you some other session options as well that can be set in MY_config.php

Hope that helps someone.

swampthang

After talking with the server admin, the only thing he changed in server settings was to increase the LimitRequestLine value but he had already done that and it hadn't gotten rid of the error.

I had found and installed the Chrome extension - Chrome Logger
https://chrome.google.com/webstore/detail/chrome-logger/noaneddfkdjfnfdakjjmocngnfkfehhd

It's an extension that allows you to write php variables to the log in the same way you write them using javascript. Keeps you from having to print to the screen, etc. All you have to do is add the Chrome Logger class file and then in whatever page you want to log vars to the console you just add the line:
ChromePhp::log("text or ".$var."goes here");and you'll see the results in the console log in Chrome's Inspector. It's a very handy tool. It didn't give me any trouble locally but according to the server admin it was increasing the cookie size so much on the server that it was causing the 500 premature headers error.

Not sure if he's right but he sure seems to think so because the only other change that was made prior to this page working again (and it was only this page giving the 500 error) was for me to comment out all the calls to chrome logger in the signup controller file.

Maybe this will save someone a headache in the future.

admin

Good to know. Thanks for reporting back.