| Codeigniter 2.0? |
[eluser]punchi[/eluser]
A way to work with native PHP sessions... as far as I know, the "sessions" are an emulation of the real ones, as they'r handled with cookies. Why not implement something to work with real session and have another methods to controle cookies?
[eluser]danmontgomery[/eluser]
http://codeigniter.com/wiki/Native_session/ Haven't tested this with 2.0 but I don't know why it wouldn't work
[eluser]WanWizard[/eluser]
[quote author="punchi" date="1280276054"]A way to work with native PHP sessions... as far as I know, the "sessions" are an emulation of the real ones, as they'r handled with cookies. Why not implement something to work with real session and have another methods to controle cookies?[/quote] I wonder why people keep on talking about this? Properly configured CI sessions are *NOT* emulations that uses cookies, the use the database, and only send a cookie to the client containing an encrypted session_id. Just like PHP's native sessions. PHP sessions have the option to append the PHPSESSID to the query string, which is unsecure, and not possible in a standard CI setup as query strings are not used. The only difference is that CI uses the database to store the session records, while PHP's session management uses file based storage. You sound a bit like my users: if I ask what feature is missing, they come with a 'solution', instead of describing the problem... 
[eluser]megabyte[/eluser]
Derek, I've looked at CI2.0 and there are still a lot of open bugs. but it's safe to use?
[eluser]punchi[/eluser]
[quote author="WanWizard" date="1280281456"][quote author="punchi" date="1280276054"]A way to work with native PHP sessions... as far as I know, the "sessions" are an emulation of the real ones, as they'r handled with cookies. Why not implement something to work with real session and have another methods to controle cookies?[/quote] I wonder why people keep on talking about this? Properly configured CI sessions are *NOT* emulations that uses cookies, the use the database, and only send a cookie to the client containing an encrypted session_id. Just like PHP's native sessions. PHP sessions have the option to append the PHPSESSID to the query string, which is unsecure, and not possible in a standard CI setup as query strings are not used. The only difference is that CI uses the database to store the session records, while PHP's session management uses file based storage. You sound a bit like my users: if I ask what feature is missing, they come with a 'solution', instead of describing the problem... [/quote]Well, I just missed a way to handle native sessions (never said I have a problem with that) and I think that you solution by connecting to a DB to retrieve sessions its a waste of resources, by regenerates cookie its enough. Thanks anyway =)
[eluser]WanWizard[/eluser]
You have to store the data server-side anyway, whether you use a database or a file system is not really relevant, you certainly are not waisting resources. A database engine is more efficient in I/O than you are. Database sessions have their advantages also when it comes to scaling, or if you want to implement things on your site like "who is currently logged on", which is impossible to do with file based sessions. And for those who insist: there's always the native session library, which provides you with a CI interface on native sessions. |
| Welcome Guest, Not a member yet? Register Sign In |
