Welcome Guest, Not a member yet? Register   Sign In
Sessions class - navite php sessions, cookies or both?

Hi people!

Could it be a nice feature for the future to add support for both ways?

Than in the config-file choose what you would fancy?

$config['sessions'] = 'native'; /// or $config['sessions'] = 'cookies';

Good or bad idea?

Great idea.

This should be posted in Feature Requests.

Personally, I don't see the point. What would the advantages be?

Occasionally I want to store all the users information in their session. 4K does NOT go a long way. Also if someone has their own server, I think sessions are much more secure.

If cookies are on, then the session id won't be put in the address bar, and if cookies are off, well, CI sessions wouldn't work at all.

Even if the session_id is put in the address bar, by default practice I always store the IP in the session and compare that to $_SERVER['REMOTE_ADDR'] anyway as everyone should.

I've always managed with 4K just fine, but just in case, I choose to use the database which allows for much more data to be stored.

As a rule, I never never never use the cookie for anything other than the sessionid.

Here's a GREAT article that explains the issues with cookies. While most of us here don't necessarily work with sites a gigantic as yahoo, the performance hit is still the same:

I've made some site for some offshore mechanics working on oil platforms, and they cant always access the login-site. They have to log in to report issues etc. Some oil riggs wont even accept cookies, because the security rules are insane/extreme.

Theme © iAndrew 2016 - Forum software by © MyBB