[eluser]skunkbad[/eluser]
On my site I use both CI sessions, and the standard PHP $_SESSION array.
I've checked out ./system/libraries/Input.php and it is clear that the $_SESSION is protected from being unset.
Is there any reason why I should not have a MY_Input class that adds the following:
Code:
$_SESSION = $this->_clean_input_data($_SESSION);
and then:
Code:
// --------------------------------------------------------------------
/**
* Fetch an item from the SESSION array
*
* @access public
* @param string
* @param bool
* @return string
*/
function session($index = '', $xss_clean = FALSE)
{
return $this->_fetch_from_array($_SESSION, $index, $xss_clean);
}
Would this be enough, too much, bad, good? Your thoughts please.