Is ci/sessions safe to use? - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20) +--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23) +--- Thread: Is ci/sessions safe to use? (/showthread.php?tid=21890) |
Is ci/sessions safe to use? - El Forum - 08-24-2009 [eluser]walrus_lt[/eluser] Hi. Is ci/sessions safe to use? I heard that ci/session saves information in user's cookie. So... If i do: Code: $this->session->set_userdata(array('id'=>$id, 'nick'=>$nick)) In another place: Code: if ($this->session->userdata('id') == '') die('NOT LOGED IN') Can it be hacked if hacker creates cookie in his browser with id=1? Is ci/sessions safe to use? - El Forum - 08-24-2009 [eluser]pistolPete[/eluser] Just encrypt the cookie: http://ellislab.com/codeigniter/user-guide/libraries/sessions.html |