Using Session In Codeigniter

Hi Everyone,

I know the session library of CI use COOKIE instead of standart PHP SESSION.

So, there are 2 options in config file:


If I want to store private datas on CI Session, then its become visible in the Cookie section. So its very bad if we want to keep it secure and private. I know that if I enable sess_encrypt_cookie = TRUE and set the encryption_key in the config file then the cookies become encrypted and more secure. Also I can use sess_use_database.

But I want to know why the CI using COOKIE instead of SESSION? Is this safe even if we use a key? Saving the session data to user computer by COOKIE is true? Is there a way to switch COOKIE to SESSION in CI config?

Thanks for all.

PHP sessions you are thinking of also use cookies, cookie name usually is PHPSESSID.

But PHP just store the session id in PHPSESSID . I didnt see the other session datas store in the cookies. Am I wrong?

Well, if you choose sess_use_database then it also will store only session ID in a cookie. IIRC there is session library in CodeIgniter's wiki that uses native PHP sessions.

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.