session data storage

[eluser]Chillahan[/eluser]
I've searched for ten minutes and can't seem to find the definitive answer, so here goes.

I am upgrading to CI 2.0.2 from 1.6.x. I see that somewhere along the way, a text field was added to the database sessions table.

Does this mean in 1.6 it was only using the db to validate the session, but any data was in fact stored in the cookie (although encrypted), with a maximum of 4 KB for the encrypted array? This is how I understood it to work at that time.

And what about now - is it still storing the data (session variables that we set) in the cookie, and just verifying that as well against the database, or is it finally only storing it in db, lifting the limit from 4 KB to whatever the limit of the text data type is?

I feel bad creating a new post, but the user guide just never digs that deep, and like I said, I just could not find the answer definitively in ten minutes of searching.

[eluser]WanWizard[/eluser]
CI has the option to store session data in the database since v1.7. As soon as you enable the database the cookie will only contain the session id and some fields for security checks.

[eluser]Chillahan[/eluser]
I guess I just missed the boat back then. That also explains why I was confused then, thinking at first the data was stored in the db, when it wasn't (because 1.7 introduced that and I didn't realize it).