Welcome Guest, Not a member yet? Register   Sign In
Which session library to use? Any suggestions?
#10

[eluser]n0xie[/eluser]
[quote author="mrbinky3000" date="1258595096"]
So yeah, CI_session class. Unreliable.[/quote]
There is absolutely NOTHING wrong with the Session Class. There is a lot wrong with Microsoft's IE implementation of handling cookies, which is what the session class uses.

Usually when people claim the session library is unreliable, it's either because they read it somewhere or they don't know how the session library works.

For example let me disarm the points raised by your linked source. The fact that the article was written in 2008 and we are nearly in 2010 should set off some alarms at least:
Quote: 1. Security : The User Data is stored in a cookie, client-side.
2. Security : The session is vulnerable to session fixation.
3. Usability : Enabling the session database does not actually store User-Data in the database!
4. Usability : Things like non-persistent sessions, flash variables and session id regeneration are not enabled.
Point 1.
This can be altered by using encrypted cookies. Not everyone stores private data into a session, hence no need to encrypt it by default. This is called flexibility and is, at least in my book, a feature.

Point 2.
No it's not. The session gets regenerated.

Point 3.
Unless the field user_data is missing in the database, I don't see how one could argue this.

Point 4.
Yes they are and they are documented.


So what causes all these strange session behaviours? Well the clue should be that it only occurs in IE. Hence I put a link in my footer so everyone could read what was causing it! Isn't that convenient. So next time when you make a claim about the session library, you should probably first click the link in my footer, read it, understand its implications, then go harass your local Microsoft representative and ask him if it's REALLY that hard for them to comply to ANY form of standard.


Messages In This Thread
Which session library to use? Any suggestions? - by El Forum - 09-29-2009, 09:51 AM
Which session library to use? Any suggestions? - by El Forum - 09-29-2009, 12:21 PM
Which session library to use? Any suggestions? - by El Forum - 09-29-2009, 01:20 PM
Which session library to use? Any suggestions? - by El Forum - 10-02-2009, 03:46 PM
Which session library to use? Any suggestions? - by El Forum - 10-02-2009, 07:39 PM
Which session library to use? Any suggestions? - by El Forum - 10-03-2009, 12:24 AM
Which session library to use? Any suggestions? - by El Forum - 10-03-2009, 05:00 AM
Which session library to use? Any suggestions? - by El Forum - 10-03-2009, 06:34 PM
Which session library to use? Any suggestions? - by El Forum - 11-18-2009, 01:44 PM
Which session library to use? Any suggestions? - by El Forum - 11-19-2009, 04:27 AM
Which session library to use? Any suggestions? - by El Forum - 11-19-2009, 08:33 AM
Which session library to use? Any suggestions? - by El Forum - 11-19-2009, 08:46 AM
Which session library to use? Any suggestions? - by El Forum - 11-19-2009, 08:56 AM
Which session library to use? Any suggestions? - by El Forum - 11-19-2009, 09:43 AM
Which session library to use? Any suggestions? - by El Forum - 11-19-2009, 08:45 PM
Which session library to use? Any suggestions? - by El Forum - 11-20-2009, 05:23 AM
Which session library to use? Any suggestions? - by El Forum - 11-20-2009, 07:25 AM
Which session library to use? Any suggestions? - by El Forum - 11-20-2009, 09:20 AM
Which session library to use? Any suggestions? - by El Forum - 11-20-2009, 01:59 PM
Which session library to use? Any suggestions? - by El Forum - 11-20-2009, 05:32 PM
Which session library to use? Any suggestions? - by El Forum - 11-20-2009, 07:13 PM
Which session library to use? Any suggestions? - by El Forum - 11-23-2009, 09:48 PM
Which session library to use? Any suggestions? - by El Forum - 12-03-2009, 01:47 PM
Which session library to use? Any suggestions? - by El Forum - 12-08-2009, 06:24 AM
Which session library to use? Any suggestions? - by El Forum - 12-08-2009, 07:12 AM
Which session library to use? Any suggestions? - by El Forum - 12-08-2009, 10:38 AM
Which session library to use? Any suggestions? - by El Forum - 01-11-2010, 02:15 PM
Which session library to use? Any suggestions? - by El Forum - 01-11-2010, 02:53 PM
Which session library to use? Any suggestions? - by El Forum - 01-11-2010, 03:00 PM
Which session library to use? Any suggestions? - by El Forum - 01-11-2010, 03:07 PM
Which session library to use? Any suggestions? - by El Forum - 01-11-2010, 03:14 PM
Which session library to use? Any suggestions? - by El Forum - 01-12-2010, 06:37 AM
Which session library to use? Any suggestions? - by El Forum - 01-12-2010, 06:48 AM
Which session library to use? Any suggestions? - by El Forum - 01-12-2010, 07:22 AM
Which session library to use? Any suggestions? - by El Forum - 01-12-2010, 07:39 AM
Which session library to use? Any suggestions? - by El Forum - 05-01-2010, 05:51 AM
Which session library to use? Any suggestions? - by El Forum - 05-01-2010, 08:46 AM



Theme © iAndrew 2016 - Forum software by © MyBB