Sessions CodeIgniter vs sessions PHP

[eluser]WebbHelp[/eluser]
Hej!

I started with codeIgniter yesterday and I htink it's very nice but I need to learn much in the beginning, and I also think that is the funniest part.

I read the user guide -> sessions, I am not so good at english and maybe I understood it wrong.

When I read the article, I found codeIgniter session as a own created "copy" of PHP session.
I mean, are codeigniter use $_SESSION[]; ?

Or is it a "own" array codeigniter create?

How does session works in CodeIgniter vs PHP $_SESSION

Thanks //WebbHelp

[eluser]GSV Sleeper Service[/eluser]
CI Sessions do not use $_SESSION, the best way to understand is to look in system/libraries/Session.php, where'll you'll notice that CI have essentially re-invented the wheel, be warned that if you decide to use the CI Session library you won't be able to store more than 4KB of session data.
My advice is to check the wiki and look for 'native session library'

[eluser]kurucu[/eluser]
You will be able to store more than 4kb of session data if you switch on database storage.

[eluser]WebbHelp[/eluser]
ok, but I don't get it, I have read the code but it doesn't helped me out much.
Is it an array I fill with data, that I can use on every page I have?

In my eyes... I don't like that session, $_SESSIONS seems to be better to use...

[eluser]kurucu[/eluser]
Why not, because you don't understand it or because you see something more in the $_SESSIONS array?

The session library provides the following:
- Automatic session creation/destruction
- The ability to store any number of variables against the session
- The ability to retrieve those variables
- The ability to set flash variables that only persist for one request
- The ability to choose to store the data in the cookie or in the local database
- The ability to encrypt the cookie data

There is functionality there that PHP's native sessions do not provide, and in a well packaged class.

You can easily use them in a similar way by autoloading the session, and using set_userdata and userdata to set and retrieve variables, rather than in array elements.

[eluser]WebbHelp[/eluser]
Because I didn't understand it!

I think this is difficult, I have never used a framework before (only .net) and I don't understand how it can be so "powerful" You can do everything you want I see... but it's hard to belive.

How can I keep the information in CI session, I mean if I go to another page, wouldn't I lose information?
Of course not because it would be useless... I think this is great hehe

[eluser]kurucu[/eluser]
Exactly! The point of the session is to try to maintain a state between pages, so the data you store in a session exists until either:

- The next request is after the session timeout
- You clear the session

OR (from a user's point of view...)

- They clear their cookies
- They change their browser/machine/etc

Because to the application they look like someone else. In other words, the data still exists, but they have lost access to it - you have one stale session and one new session for the same user.

Of course all of this is true for any session implementation, but the point is that what wasn't clear to you is that this is true for the CI session implementation.

[eluser]WebbHelp[/eluser]
Thanks for reply

I still got a few things that isn't clear to me.

What you mean with that: "The next request is after the session timeout"
And, I actually still not get how the session can keep the data between pagechanges.

I mean, if I am on page1 and then go to page2, if it would be a normal array(); the data disapper.
I don't get how CI Session can keep the data when the user go from page1 to page2.

Sorry if you already told me that before... I am not that goog at english... as you see

Thanks for helping me =)

[eluser]kurucu[/eluser]
Don't worry about the English - I'm working in France and am just learning French so I have sympathy!

The session works like this:

A user requests a page
The session library checks to see if that user has visited before (by looking for a unique identifier in their cookies, amongst other things)
-If it does not exist, a new ID is created (and in the case of DB storage, a row is inserted into the database).
-If it does exist then data is taken from either the cookie or the database row with the same ID

When you add information to the session, it is added to the database row for that user ID or to the cookie.

------------------

So data is passed between requests either back and forth in the cookie (max 4kb) or is kept in a database table, and matched to an identifier that is passed back and forth in the cookie.
The end result is data that persists between related visits - a session.

For security and functionality some other things often happen:
- The user agent is compared (so if a different browser is used then the session is considered unique - i.e. they are considered to be someone else)
- The IP address can be compared (with the same effect as above)
- If the cookie expires, then we can no longer identify which user the session belonged to (and in the case of cookie storage, have lost everything stored in the session)
- A time limit is also set on how long we will wait between requests to pull data out of the database.

These last two points work together to be the Session Timeout - the amount of time between visits that has to pass for us to drop the session and forget the user. They will appear logged out.



I should write a wiki entry.

[eluser]WebbHelp[/eluser]
Thanks yoo so much for explane to me, appreciate it very much

[array]
(
'session_id' => random hash,
'ip_address' => 'string - user IP address',
'user_agent' => 'string - user agent data',
'last_activity' => timestamp
)

So:

session_id, is the ID only for the user that visit the site, and with IP and user_agent we can check so it really is him with the ID who is on the computer, only security.
last activity, if I want a session, time limit.

Now to the question; is it like this: Everytime a user visit, they get a session_id that connect them to the data saved for just them. Do you mean that the data being saved in a Database? You mean like MySQL?
If, can I go in with my computer and find for examples session_id (if I have access to be in my MySQL DB).

How, can CI session know when the user has disapper/left the website?

I think this is really interesting and I think you should create a wikiarticle you explane good, so it would be perfect hehe