Login

10-15-2012, 11:28 PM

[eluser]Beginers[/eluser]
Hi ALL, Im developing a website containing authentication and stored it in a session. When i run the firebug on the browser it displays my session varibles and its data. What should i do to make this very secure without storing it in the cookies?

10-16-2012, 12:36 AM

[eluser]noslen1[/eluser]
Hi,
You should set in your application/config/config.php :

Code:
$config['encryption_key'] // line 227

$config['sess_encrypt_cookie'] = TRUE; // line 250

See an encryption key generator here

10-16-2012, 01:15 AM

[eluser]LuckyFella73[/eluser]
And save session data in database!

Code:
// config.php

$config['sess_use_database'] = TRUE;

10-16-2012, 05:10 PM

[eluser]Beginers[/eluser]
@noslen1 and LuckyFella73: should i set my encryption key to sha1? or md5? or ill just leave it empty?

10-16-2012, 05:14 PM

[eluser]Beginers[/eluser]
@noslen1 and LuckyFella73: HI, thank you so much it works! God Bless You All.

10-16-2012, 05:55 PM

[eluser]PhilTem[/eluser]
You can set your encryption key to whatever you want. It should however be a rather long and random string (something like you may get from

Code:
random_string('unique'); # @see CI::string_helper

should do the work pretty securely Wink

)