+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: CodeIgniter 4 (https://forum.codeigniter.com/forumdisplay.php?fid=28)
+--- Forum: CodeIgniter 4 Support (https://forum.codeigniter.com/forumdisplay.php?fid=30)
+--- Thread: Session fixsession config (/showthread.php?tid=88019)
Session fixsession config - pm2monit - 07-07-2023
Please help me for config session fixsession, in codeigniter 4
RE: Session fixsession config - InsiteFX - 07-07-2023
So what is it that needs fixing?
RE: Session fixsession config - pm2monit - 07-13-2023
The session that is created and stored in the browser cookies user can be used by many users, if the browser cookies are stolen by someone else, get added the config session feature can only be used by one user and one computer, even if the browser cookies are stolen the cookies are not can be used on another computer
RE: Session fixsession config - ozornick - 07-13-2023
May be we are talking about session regeneration?
RE: Session fixsession config - pm2monit - 07-13-2023
yes, you can call it like that, but I mean if there is a session that is stored in the browser cookies, then the cookies are successfully stolen by another user, these cookies are not considered valid by the system and the page will be forwarded to the login page
RE: Session fixsession config - luckmoshy - 07-14-2023
In CI you can do things in either.env or in APP, like
Code:
app.sessionDriver = 'CodeIgniter\Session\Handlers\FileHandler'
app.sessionCookieName = 'ci_session'
app.sessionExpiration = 7200
app.sessionSavePath = writable/session
app.sessionMatchIP = true
app.sessionTimeToUpdate = 1 /*300*/
app.sessionRegenerateDestroy = trueRE: Session fixsession config - pm2monit - 07-20-2023
[quote pid="411088" dateline="1689318696"]
The following example is the code config on codeigniter 3
$config['sess_driver'] = 'files';
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 7200;
$config['sess_save_path'] = NULL;
$config['sess_match_ip'] = TRUE;
$config['sess_time_to_update'] = 1;
$config['sess_regenerate_destroy'] = TRUE;
can this be done in codeigniter 4
[/quote]
RE: Session fixsession config - InsiteFX - 07-20-2023
If you look at CodeIgniter 4 app/Config/App.php you will see it's almost the same.
RE: Session fixsession config - kenjis - 07-20-2023
See app/Config/Session.php
https://github.com/codeigniter4/CodeIgniter4/blob/develop/app/Config/Session.php