Registering destroys the session and all my data in it - Simplelogin

[eluser]johnwbaxter[/eluser]
I'm using simplelogin for my user needs. When i create a new user through a reg form it destroys the session then creates a new one.

Trouble is, i have session data in the session that i want to keep.

Do i really need to destroy the session and re-create it? Is this to protect me from something security wise?

If i do have to destroy it, what is the best way to carry my session data that i want to keep through?

Any advice would be gratefully received!

[eluser]CI Lee[/eluser]
You could try and comment out the destroying portion...

line 83 of Simplelogin

Code:

//Automatically login to created account
            if($auto_login) {        
                //Destroy old session
                //$this->CI->session->sess_destroy();
                
                //Create a fresh, brand new session
                $this->CI->session->sess_create();
                
                //Set session data
                $this->CI->session->set_userdata(array('id' => $user_id,'username' => $user));
                
                //Set logged_in to true
                $this->CI->session->set_userdata(array('logged_in' => true));

However I dont know how it will deal with trying to set new session data.


Why do you want to stay logged in anyways?

[eluser]johnwbaxter[/eluser]
It is an e-commerce type site that is split into stages.

Stage 1 is making selections on what the want their product to be (through 5 sub stages) then stage 2 is paying for it. So at stage 2 i need them to either login or register and then be able to carry on with purchasing their order. I keep their selections in session.

I know i could comment out the destroy part, my question is should i?

Thanks for the reply CI Lee, if you have anymore advice throw it my way please!