New to Code Igniter & $_SESSION? |
[eluser]Unknown[/eluser]
Hi All, I have only been using CI for two days and I am struggling to see any real advantages apart from a better code structure. Today I have developed a basic user login system and it took a lot longer than it would just to do it in PHP. Another thing is, I normally use $_SESSION to store details of the logged in user however I can't seem to do this anymore? (Also is a bad from a security point of view to store these details there? if so, what way is better?) Below I have also provided some of the code I have developed today for the registration part of the user login system. Any feedback on this would be great. Register (Controller) Code: <?php Register (Model) Code: <?php Register (View) Code: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
[eluser]WanWizard[/eluser]
In CI you use the Sessions library instead of PHP's session management...
[eluser]Unknown[/eluser]
[quote author="WanWizard" date="1297297925"]In CI you use the Sessions library instead of PHP's session management...[/quote] Whats the advantage of doing so?
[eluser]dark_lord[/eluser]
You can refer to the documentation to further understand the session class. http://ellislab.com/codeigniter/user-gui...sions.html
[eluser]WanWizard[/eluser]
@Richie Jenkins, There are several reasons for not using PHP's native sessions: - they are not secure (the session id is a simple non-encrypted cookie without any checks) - they are file based, and depending on the host config not always very secure (you can access other website's session files if not configured carefully) - they are file based, so you can't query them (for example to get the number of logged-in users) - they don't scale as well as a database does (not much of an issue in a single-server setup) and probably lots more. For me, the security issues alone are reason enough not to use them.
[eluser]InsiteFX[/eluser]
WanWizard, you can set the PHP Sessions to use a database. But you would need to write code yourself. InsiteFX |
Welcome Guest, Not a member yet? Register Sign In |