Code igniter session management - login page refreshes rather than populating session

Question

I'm new to Code Igniter and trying to work through the instructions as I've inherited a site built in it which I've had to upgrade after it stopped working when moving from PHP 5.6 to 7.2. I think the session management changed a lot between versions 2.0x and 3.0.0 (which I've moved to). I want to use files to store sessions and have configured a sess_path, but when my user tries to login the page simply refreshes - which suggests the if($this->form_validation->run() == FALSE): statement in the controller code below is always true, which is odd as if I don't fill in username or password and submit, the form validation runs.

public function index(){

    $this->load->library('session');

    if ($this->session->userdata('user_is_admin')) {
        redirect('admin/login/welcome');
    }

    $this->load->library('form_validation');
    $this->form_validation->set_error_delimiters('<span class="form-error">', '</span>');
    $this->form_validation->set_rules('username', 'Username','required');
    $this->form_validation->set_rules('password', 'Password','required');

    if ($this->form_validation->run() == FALSE):


        $data['title'] = 'login';
        $data['content'] = 'admin/login/index-view';
        $this->load->view('template-admin-login',$data);

    else:

        $this->db->where('user_is_admin',1);
        $this->db->where('user_activated',1);
        $this->db->where('user_published',1);
        $this->db->where('user_email',$this->input->post('username'));
        $this->db->where('user_password', md5($this->input->post('password')));
        $query = $this->db->get('user')->row();

        if(!empty($query)):

            $newdata = array(
                               'user_id'  => $query->user_id,
                               'user_name'  => $query->user_name,
                               'user_is_admin'  => $query->user_is_admin
                           );

            $this->session->set_userdata($newdata);
            $this->session->set_flashdata('message_welcome', 'Hi '.ucfirst($this->session->userdata('user_name')).'!');
            redirect('admin/login/welcome');

        else:
            $this->session->set_flashdata('message_red', 'Username or password incorrect.');
            redirect('admin/login');
        endif;

    endif;

The config file contains the following for the session config:

$config['sess_driver']          = 'files';
$config['sess_cookie_name']     = 'ci_session';
$config['sess_expiration']      = 7200;
$config['sess_save_path']       = BASEPATH . 'application/cache/';
$config['sess_use_database']    = FALSE;
$config['sess_table_name']      = 'ci_sessions';
$config['sess_match_ip']        = FALSE;
$config['sess_time_to_update']  = 300;

The form is very simple - a username and password field and submit button and it posts to the admin/login page. Have been running through the Code Igniter instructions for session management but can't work out why the page is just refreshing. Hoping I don't have to rewrite the whole thing from scratch. Any help gratefully received!

Answer 1

I think the save path is not what you want. BASEPATH points to the system directory. This will point you to the /cache directory inside /application.

$config['sess_save_path'] = APPPATH . 'cache/';