Native sessions or CI sessions.

[eluser]InsiteFX[/eluser]
in a database rather than the filesystem. The top reasons for this desire are:

The application needs to be able to run on multiple servers without server affinity (methods that direct requests from the same client to the same server). An easy way to make sure that sessions continue to work properly is to store sessions in a central database that is common to all servers.

The application needs to be able to run on a shared host, where there are significant security concerns associated with storing session data in the filesystem.

The performance needs of the application are very demanding and require a more sophisticated storage solution for session data. There are many existing ideas and methodologies that address database performance issues, and these can be used when sessions are stored in a database.

InsiteFX

[eluser]jgetner[/eluser]
i do not mean to intrude on this conversation(argument!). But your are both correct and both wrong as with everything in php things have a time and purpose to use them. But you guys are really arguing over a noob topic as if your a seasoned programmer you know to validate and filter any incoming input doesn't really matter what it is... So if you have security holes your really the only one to blame!.

[eluser]InsiteFX[/eluser]
This is basic commom since

Anyone in their right mind knows NEVER NEVER NEVER TRUST USER INPUT!

And if you do not secure your application is nobodys fault but your own!

InsiteFX