Please suggest if any thing is wrong with the approach I am taking . I am using DAO in all the places
I have user object
In user identity class , I am getting the above object after successful authentication , assigning it to the _id field ( the whole object I am assigning )
So to refer user id in the object I am using
this approach is working fine and no issues . But when user modifies … for example his gender
I am updating database field and I am modifying the session object by giving below statement
This is working fine ( until user closes his browser), But if the user selects " Remember me " option when he logs in … Next time when user comes to the site he is seeing the old gender code and not the one modified last time . So for that next time when user comes I want to refresh the full session object from database
I am just passing the user_id from the existing session to database , getting the above object and refreshing the whole session object . No other checks I am doing .
IMHO I think you are doing the wrong approach, what i would do is to modify the CWebUser and then refresh the user from the DDBB. Here is an example:
* Custom Webuser class
class WebUser extends CWebUser
private $_dbUser = false;
* @return User the user record associated with the currently logged in user.
* Null if there is no such user record (user not logged).
public function getDbUser()
if($this->_dbUser === false)
$this->_dbUser = $this->isGuest ? null : User::model()->findByPk($this->id);
protected function beforeLogin($id,$states,$fromCookie)
$user = User::model()->findByPk($id);
if($user && isset($states['vkey']) && $user->validation_key === $states['vkey'])
$this->_dbUser = $user;
protected function afterLogin($fromCookie)
if(($user = $this->getDbUser()) !== null)
/* should we set login attributes? -- remove them if you dont have these fields as this is an example */
'login_time' => time(),
'login_ip' => Yii::app->request->userHostAddress
Thanks a lot for Antonio for your nice explanation and for your help.
If you don’t mind could you please clarify what is use of extending CWebUser and dealing with it when we have direct methods … I mean when we have direct way of setting it using Yii::app()->session[‘var’] or $this->setState methods .