Login

06-22-2008, 06:12 AM

[eluser]Seppo[/eluser]
If you have set the encriptation key, that's secure. You can store your session in a database and match ip and user agent for additional security, although it is not necesary.

An extra peace of advice: you can use a Model to handle login information, so you don't have to repeat that code everywhere. =)

Instead of

Code:
$this->load->library(array('session'));                

        if ($this->session->userdata('logged_in') != TRUE || empty($this->session->userdata('uid')))

        {

            redirect('', 'refresh');

        }

You can use

Code:
$this->load->model('login');                

        $this->login->require_login();

and your model can look like this

Code:
class Login extends Model

{

        function Login()

        {

                parent::Model();

                $this->load->library('session');

        }

        function require_login()

        {

                if ($this->session->userdata('logged_in') != TRUE || empty($this->session->userdata('uid')))

                {

                    redirect('', 'refresh');

                }    

        }

}