• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Setting sess_save_path correctly

(05-26-2018, 06:08 AM)InsiteFX Wrote: This has always worked for me.

Create a new folder under ./application named writable


PHP Code:
$config['sess_driver'            'files';
$config['sess_cookie_name'       'pcfx_session_';
$config['sess_expiration'        7200;
$config['sess_save_path'         APPPATH.'writable';
$config['sess_match_ip'          FALSE;
$config['sess_time_to_update'    300;
$config['sess_regenerate_destroy'] = FALSE

I have never had a problem with it doing it this way.

But be careful some hosting providers will change the session path on you.

My hosting provider does not change it.

Hey I've just stumbled across this when investigating how secure my sessions are only to learn that my save path was set to NULL!! And worse yet, was set to NULL on my production server. Don't ask me how I missed this. My question is, where has CI been storing the sessions if this has not been set?


It would use the php.ini files session save path setting.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )

(05-30-2018, 03:08 AM)InsiteFX Wrote: It would use the php.ini files session save path setting.

Thanks for the quick reply. Oh that's interesting. And why would this not be recommended? Surely that would be the optimal place to keep it, no?

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.