are SESSION's necessary or can Auth keep track of a user

[eluser]jtingato[/eluser]
Sorry guys. I am only hours into learning CI and I am trying to complete a site for a friend who was abandoned. The site needs a cart built and a gateway installed. The site was built with a cart table in the db and it appears the developer was trying to enable a cart without using session[].

Is this possible?

How does CI maintain a user's identity?
Obviously each user gets their own instanciated CI class( I think).

Would it be possible to add a user# var to the main class and include that userID into the cart table? That way I can reference any item save to the cart via the ID.

If this IS possible, does that instance unload when the user closes their browser?

Gosd I hope these aren't stupid question, but I have to start learning somewhere.

Thank you for any help or suggestions.

[eluser]Colin Williams[/eluser]
Sessions are the long-standard way of maintaining data across HTTP requests without sending the data along each time. In old systems, you would keep POSTing data from page to page.

Would it be possible to add a user# var to the main class and include that userID into the cart table?

Remember, once a new HTTP request occurs, the class, everything is in a brand-new state.

[eluser]jtingato[/eluser]
I couldn't possibly remember that! ha ha. I didn't know that. What a newb.

Sessions aren't always available, are they? If cookies are disabled...
Also, on refresh of a page, don't session vars get cleansed?
Also, looking at the CI log, it appears that CI cleanses the Session vars?

Are these true statements.

My original thought was to session_start() then store the sessionID within the cart table along with any items added to the cart. But on refresh, a new sessionID is assigned. the other issue is that the cart table will fill up fast, without a way to clean it out.

Bottom line, what is the best way to go about this? Is it possible to create a cart environment without sessions? Or is it best to use sessions?

If so, do you recommend PHP sessions or CI sessions?
Once again, I do apologize for my ignorance.

[eluser]Colin Williams[/eluser]
Every site you've ever logged in to use sessions (which, yes, are dependent on cookies) to keep you "logged in."

Look at the Session class docs to see how it works. With native PHP sessions, you can do browser-based sessions, where the session expires when the browser is closed. Neither is going to wipe out the session when you refresh. That would make them useless. Just take the time to play with each.

[eluser]ray73864[/eluser]
a session is kept for the duration of the well session, so if a user closes the browser window that started that session then when they open a window and load up the page again a new session is created, in the world of tabs it is different since closing a tab and opening a new tab doesn't create a new session (if i remember correctly).

for a shopping cart, i created a 'fancy_session_id' in one of my controllers constructors (the controller for the main page i believe), since CI creates a new session_id every 5 mins which just won't do for a shopping cart, then this 'fancy_session_id' is used for the cart table and if the user logs in it associates the users id with that cart, and then everytime they login they will see the cart, mind you, my shopping cart isn't perfect but it was the first one i ever created.

[eluser]Colin Williams[/eluser]
ray73864, that information isn't 100% accurate. CI's Session class handles sessions differently than native PHP. For one, the session doesn't expire when the browser window closes. Also, the session lifetime is configurable (you could make it 5 days, 5 weeks, whatever you prefer), and it will be reset after n seconds of inactivity.