+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Libraries & Helpers (https://forum.codeigniter.com/forumdisplay.php?fid=22)
+--- Thread: DB2 Session (/showthread.php?tid=7278)
DB2 Session - El Forum - 04-01-2008
[eluser]FlashUK[/eluser]
Hi,
I have recently revised the old DB Session class. Its a hybrid with the new 1.6.1 session class and has improved functions (like the flashdata commands which hideously needed updating).
It has been coded so it can replace your main Session class if you wish.
Link to wiki http://codeigniter.com/wiki/DB2_Session/
DB2 Session - El Forum - 04-01-2008
[eluser]louis w[/eluser]
Can you outline the use of this a little bit more?
What is flashdata commands?
DB2 Session - El Forum - 04-02-2008
[eluser]FlashUK[/eluser]
[quote author="louis w" date="1207118072"]Can you outline the use of this a little bit more?
What is flashdata commands?[/quote]
Flashdata stores data between a single page request for one off use (useful for storing passkeys or data for login systems etc.)
They are standard commands that exist in the original Session class.
DB2 Session - El Forum - 04-02-2008
[eluser]louis w[/eluser]
Ohh right, I had forgotten about that feature of the Session class.
What improvements have you made? How is this better then the built in?
DB2 Session - El Forum - 04-03-2008
[eluser]RaZoR LeGaCy[/eluser]
Improvements include
* Flashdata was not optimised for database storing. The number of queries when using the “flashdata” commands have been reduced significantly.
* Whenever new data has been stored, a new session_id is assigned to improve security.
* General improvements that have boosted performance.
* Object model is exactly the same, so its easy to replace your main existing Session class with this one.
DB2 Session - El Forum - 04-04-2008
[eluser]louis w[/eluser]
Why do you want to regenerate the session id? Some apps use this to track a user through a process.
DB2 Session - El Forum - 04-04-2008
[eluser]FlashUK[/eluser]
[quote author="louis w" date="1207340853"]Why do you want to regenerate the session id? Some apps use this to track a user through a process.[/quote]
Please read the information in the wiki before posting. You are simply changing the id of the session, not erasing the data it holds. You are still tracking the user with the same recorded session. It is standard practise to regenerate the session id upon altering the data it stores during the users visit. This is done to prevent what we call session hijacking.
DB2 Session - El Forum - 05-19-2008
[eluser]girir[/eluser]
Do you think it would be a good idea to have an enhancement by which session information is stored in the database for only logged in users. Currently even for non-logged in users and crawler bots, a session id is created which is very expensive. If there was an option to disable session creation for non logged in users, it would improve performance.
DB2 Session - El Forum - 05-19-2008
[eluser]FlashUK[/eluser]
[quote author="girir" date="1211246776"]Do you think it would be a good idea to have an enhancement by which session information is stored in the database for only logged in users. Currently even for non-logged in users and crawler bots, a session id is created which is very expensive. If there was an option to disable session creation for non logged in users, it would improve performance.[/quote]
This library is an extension of the original DB Session only. If you want to make sessions that is used only when users login, I suggest taking a look at sess_run() function and altering it to match your needs.
DB2 Session - El Forum - 05-21-2008
[eluser]sikkle[/eluser]
great work, i'll give it a try soon.