Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter Libraries & Helpers How session works in new versions?
How session works in new versions?
  • Offline mjkhonline
    Newbie
  • *
  • Posts: 2
    Threads: 1
    Joined: Mar 2016
    Reputation: 0
#1
Exclamation  03-13-2016, 09:49 AM

Hi.
Security is my issue and i want to know how exactly codeigniter session library works?
Does it store all data (key , value) in user cookie or just save a reference ID ?
Do we need to add any hash for our keys and values?

For example: 
If i set_userdata('role', 'user')
Does client could change the value 'user' to 'admin' and get access to admin panel?
Do i need do something like this:
 set_userdata(sha1('role'), sha1('user'))   

Huh

Thanks.
Reply
  • Offline siburny
    Junior Member
  • **
  • Posts: 36
    Threads: 0
    Joined: Jan 2016
    Reputation: 2
#2
03-13-2016, 07:46 PM

In CI 3.x session data is stored on server side only. Client is assigned an ID, that's what being stored in cookies.

More info here: http://www.codeigniter.com/user_guide/in...rary-usage
Reply
  • Offline mjkhonline
    Newbie
  • *
  • Posts: 2
    Threads: 1
    Joined: Mar 2016
    Reputation: 0
#3
03-14-2016, 02:04 AM

(03-13-2016, 07:46 PM)siburny Wrote: In CI 3.x session data is stored on server side only. Client is assigned an ID, that's what being stored in cookies.

More info here: http://www.codeigniter.com/user_guide/in...rary-usage

Oh thank you so much bro Shy very useful.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB