We have moved our forum to GitHub Discussions. For questions about Phalcon v3/v4/v5 you can visit here and for Phalcon v6 here.

$this->flashSession->getMessages suddenly lost after redirect

Hi everybody,

everything worked fine with flashSessions. But suddenly, the flashSession is lost after redirecting to another side. The exactly same code works on my local machine as well as on the sandbox server. But on my production one, the flashSession is lost.

So I guess that there were some changes on apache or sth, that flashSession isn't there after redirect anymore.

The only thing I can remember is, that I activated the session.cookie_secure and session.cookie_httponly attribute on my server. Could there be anything else why it doens't work on the production system (regarding to apache settings or sth)?

Thx for your help!

I think there is no problem with your session and problem is duplicate call of $this->flashSession->getMessages() during your routing. (routing loop)



8.9k
edited Mar '15

Can't be. The code from local machine, sandbox and production is exactly the same. And to do a small test, I inserted the following code:

public function testFlashAction() {
    $this->view->disable();

    $this->flash->success("this is a flash message");

    return $this->response->redirect('index/testFlashDisplay');
}

public function testFlashDisplayAction() {
    die(print_r($this->flashSession->getMessages("success")));
}

Calling "/index/testFlash". No output from function "testFlashDisplayAction". On local machine and sandbox exactly this code works very well.



8.9k

Now I did another test on production server. When I call the function "/index/testFlash" via https (in browser), the flashSession is there in function "testFlashDisplayAction".

Why does flashSession work via https but not via http? Same calls of functions...

Thx!

edited Mar '15

Ooo... I find the problem.

You added message by $this->flash->success but you retrived the message by $this->flashSession->getMessages. you should use same adapter for setting and getting.

$this->flash->success just displays the message and save nothing in session :) you should use flashSession for both

public function testFlashAction() {
    $this->view->disable();

    $this->flash->success("this is a flash message"); // WRONG
    $this->flashSession->success("this is a flash message"); // CORRECT

    return $this->response->redirect('index/testFlashDisplay');
}

public function testFlashDisplayAction() {
    die(print_r($this->flashSession->getMessages("success")));
}


8.9k

Copied your whole sourcecode. Doesn't work. Same behavior.

As I mentioned before: if I use https instead of http with the same calls, it works! Don't know why...



125.8k
Accepted
answer

session.cookie_secure changes the behaviour to only send cookies over https. While the session data itself isn't stored in a cookie, the session id is. So if you visit your page with plain http, the cookie isn't sent, and the server has no knowledge of anything stored in your session (namely your flashed messages)