• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Upgrading Codeigniter from 1.7.3 to 2.2.2 - Issue with sessions library

#11
[eluser]adela[/eluser]
So, I assume it's okay to leave it as it is, right? I shouldn't worry about it, correct?


And last question. What's the difference to use session database because if someone steal the cookie/session id, he can still pretend to be the user ? I mean he can use this session id to fake the script that it's this user, so which is more secure anyway --> into a client side cookie encrypted or database session encrypted too? I believe both seems almost same just it has option to match user agents for example and etc but its useless for me because i want to allow people to login with different accounts on same IP address and same user agents otherwise if user agent match is active .. it will update rows with different user_data column ...

Thanks a lot for taking your time to answer me.

#12
[eluser]InsiteFX[/eluser]
Database sessions are the most secure to other sessions, the database session only stores a cookie
with the session_id etc there is no user_data stored it it. the data is stored in the Database.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.