CodeIgniter Forums
Sessions class - navite php sessions, cookies or both? - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forum-20.html)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forum-23.html)
+--- Thread: Sessions class - navite php sessions, cookies or both? (/thread-15645.html)



Sessions class - navite php sessions, cookies or both? - El Forum - 02-10-2009

[eluser]asylmottaket[/eluser]
Hi people!

Could it be a nice feature for the future to add support for both ways?

Than in the config-file choose what you would fancy?

$config['sessions'] = 'native'; /// or $config['sessions'] = 'cookies';


Good or bad idea?


Sessions class - navite php sessions, cookies or both? - El Forum - 03-02-2009

[eluser]phazei[/eluser]
Great idea.


Sessions class - navite php sessions, cookies or both? - El Forum - 03-02-2009

[eluser]pistolPete[/eluser]
This should be posted in Feature Requests.


Sessions class - navite php sessions, cookies or both? - El Forum - 03-02-2009

[eluser]TheFuzzy0ne[/eluser]
Personally, I don't see the point. What would the advantages be?


Sessions class - navite php sessions, cookies or both? - El Forum - 03-03-2009

[eluser]phazei[/eluser]
Occasionally I want to store all the users information in their session. 4K does NOT go a long way. Also if someone has their own server, I think sessions are much more secure.

If cookies are on, then the session id won't be put in the address bar, and if cookies are off, well, CI sessions wouldn't work at all.

Even if the session_id is put in the address bar, by default practice I always store the IP in the session and compare that to $_SERVER['REMOTE_ADDR'] anyway as everyone should.


Sessions class - navite php sessions, cookies or both? - El Forum - 03-03-2009

[eluser]TheFuzzy0ne[/eluser]
I've always managed with 4K just fine, but just in case, I choose to use the database which allows for much more data to be stored.


Sessions class - navite php sessions, cookies or both? - El Forum - 03-03-2009

[eluser]JayTee[/eluser]
As a rule, I never never never use the cookie for anything other than the sessionid.

Here's a GREAT article that explains the issues with cookies. While most of us here don't necessarily work with sites a gigantic as yahoo, the performance hit is still the same:
http://yuiblog.com/blog/2007/03/01/performance-research-part-3/


Sessions class - navite php sessions, cookies or both? - El Forum - 08-31-2009

[eluser]asylmottaket[/eluser]
I've made some site for some offshore mechanics working on oil platforms, and they cant always access the login-site. They have to log in to report issues etc. Some oil riggs wont even accept cookies, because the security rules are insane/extreme.