OK I've been experimenting a bit and apparently if you set $config["sess_use_database"] to TRUE then values that you set using $this->session->set_userdata() will be stored in the session table on the server rather than in a cookie on the user's machine.
