DELETE

[eluser]Molchy[/eluser]
[quote author="WanWizard" date="1307310538"]Care to explain what it is that makes this secure?

A quick glance of the code shows that you have removed the most secure part of CI's session library, which is the encrypted session cookie.
Instead, you rely on $_SESSION, and I assume PHP's native session cookie as well (although I don't see a sess_start() call anywhere, it needs auto start needs to be configured too?), which is very insecure![/quote]

- session_start(); is in _constructor, it seems bitbucker commented it
- cookies are not that secure encrypted or not, so no cookies in this class
- in native session is only saved session_id, ... and needet data to database session works, all user data is saved in database and retrived from their

I tryed many session classes publicly add-et in CI and everything had something which didnt work:
- Or IE
- Or using cookies
- Or just native
- Or native + db and session destroy didnt work at it should
- Or db and garbage collector didnt work as it should
- Or is not maintain by authours

Database driven sessions have many advantages:
- More secure if not using cookies
- Easy monitoring from admin side
- How many user online lib. can be writen on it
- ...


So this is my way dooing thins and u can not know how it works if u dont test it yourself or checking all the code.

No one is perfect so if anything doesnt work well i will fix it with glad as myself using this Class