CakePHP session lost when using Applets or Flash
Thursday, March 27th, 2008
Recently I have been developing a website on my dev machine using the CakePHP framework. During this I ran into a problem where I could log a user in, view a Pulpcore applet and then be logged out right after viewing it.
After doing a bit of searching on the net I found the cause and the solution.
The cause:
My Pulpcore applet was trying to request a CakePHP action from the web server to get and set the high scores.
CakePHP would check the HTTP_USER_AGENT and compare it to the one used to create the session.
When it found that they differed it would kill the session thinking it was preventing a session hijack attempt.
A solution:
In config/core.php, set the following lines:
Configure::write('Session.checkAgent', false);
Configure::write('Security.level', 'medium');
This will stop CakePHP from regenerating the session on every request and stop it from checking the user agent.
After that my Pulpcore applets were able to request actions as the logged in user fine and keep the session alive.
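A simplified model of the user-agent check described above, as an added example (not CakePHP's source and not code from the original post); the class name, salt and User-Agent strings are constructed. It shows the applet's request destroying the browser's session when the agent check is on, and the same session ID being accepted from any User-Agent when it is off.

```php
<?php
// Simplified model of a user-agent-bound session check (not CakePHP's code).
// Class name, salt and User-Agent strings are constructed for illustration.
final class AgentBoundSessionStore
{
    private array $sessions = [];

    public function __construct(private bool $checkAgent, private string $salt) {}

    // Called at login: remember a salted hash of the creating client's User-Agent.
    public function create(string $userAgent, string $user): string
    {
        $id = bin2hex(random_bytes(16));
        $this->sessions[$id] = ['user' => $user, 'agent' => $this->fingerprint($userAgent)];
        return $id;
    }

    // Called on every request: returns the logged-in user, or null if no valid session.
    public function resume(string $id, string $userAgent): ?string
    {
        if (!isset($this->sessions[$id])) {
            return null;
        }
        if ($this->checkAgent && !hash_equals($this->sessions[$id]['agent'], $this->fingerprint($userAgent))) {
            unset($this->sessions[$id]); // mismatch is treated as a hijack attempt: destroy
            return null;
        }
        return $this->sessions[$id]['user'];
    }

    private function fingerprint(string $userAgent): string
    {
        return hash('sha256', $userAgent . $this->salt);
    }
}

$browser = 'Mozilla/5.0 (Windows; U; Windows NT 5.1) Firefox/2.0'; // constructed sample
$applet  = 'Java/1.6.0'; // constructed sample: the applet's HTTP client sends its own agent

foreach ([true, false] as $checkAgent) {
    $store = new AgentBoundSessionStore($checkAgent, 'constructed-salt');
    $id = $store->create($browser, 'alice');      // user logs in from the browser
    $fromApplet  = $store->resume($id, $applet);  // applet requests the highscore action
    $fromBrowser = $store->resume($id, $browser); // user then loads the next page
    printf("checkAgent=%s applet=%s browser-after=%s\n",
        var_export($checkAgent, true), $fromApplet ?? 'none', $fromBrowser ?? 'none');
}
```

With the check disabled, the session ID alone identifies the user, so the session cookie should be protected in transit and kept short-lived.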