Welcome Guest, Not a member yet? Register   Sign In
Using Session In Codeigniter
#1

[eluser]Unknown[/eluser]
Hi Everyone,

I know the session library of CI use COOKIE instead of standart PHP SESSION.

So, there are 2 options in config file:

sess_encrypt_cookie
sess_use_database


If I want to store private datas on CI Session, then its become visible in the Cookie section. So its very bad if we want to keep it secure and private. I know that if I enable sess_encrypt_cookie = TRUE and set the encryption_key in the config file then the cookies become encrypted and more secure. Also I can use sess_use_database.

But I want to know why the CI using COOKIE instead of SESSION? Is this safe even if we use a key? Saving the session data to user computer by COOKIE is true? Is there a way to switch COOKIE to SESSION in CI config?

Thanks for all.
#2

[eluser]steelaz[/eluser]
PHP sessions you are thinking of also use cookies, cookie name usually is PHPSESSID.
#3

[eluser]Unknown[/eluser]
But PHP just store the session id in PHPSESSID . I didnt see the other session datas store in the cookies. Am I wrong?
#4

[eluser]steelaz[/eluser]
Well, if you choose sess_use_database then it also will store only session ID in a cookie. IIRC there is session library in CodeIgniter's wiki that uses native PHP sessions.




Theme © iAndrew 2016 - Forum software by © MyBB