[eluser]zimco[/eluser]
I'm trying to figure out how to use a session stored in a database and need some help understanding the logic and how it all works. It is my first time ever using sessions, so please keep that in mind when responding: i'm session ignorant but want to learn.
I replaced CI session file with NGSession, and successfully created my ci_sessions table in my database, and set my config file to store the session info in the database.
I've created a login that checks the username and password, and upon verification then starts the session. I can see that the session gets created and stored in the database, and it gets destroyed when i logout while watching via phpMyAdmin. Therefore, i believe it is all working as it should.
So, let's say i'm logged-in to my admin backside-dashboard, i have my sesssion, and now i want to click a link in the menu to use a different admin controller.
How do i use the session to verify that i am still logged-in and protect the other admin controller from unauthorized use?
In the index function of the other admin controller do i just put a statement like:
if (!$this->session->userdata('user_id')) {
redirect('admin/login');
}
else {...}
Also, do i have to verify the session data with a statement like the above, in every function in this other admin controller?
