1
Codeigniter has its own Session class, that is, it does not use PHP native Sessions.
You can set a Session as follows:
$data_session = array(
'id_login' => $id_user,
'nome' => $nome,
'userPermission' => 1
);
$this->session->set_userdata($data_session);
My doubt is:
It’s really safe to use this class to record ID’s that should be secret?
Is there any counter-indication that we should not use this class?
What do you mean, don’t use native toilets? Codeigniter calls it the Session Library, as you can see for yourself they are a set of pre-written functions. We can follow on this link (http://www.codeigniter.com/userguide3/libraries/sessions.html#retrieving-Session-data) that
$_SESSION['item']and$this->session->itemare the same thing...– Rafael Withoeft
@Rafaelwithoeft If I am not mistaken now with the version 3 that Codeigniter has integrated with the superglobal
$_SESSIONphp being that in the previous versions the CI Sesssions were independent. Regarding the security of Sesssions, in this new version of the IC they were rewritten, but with the previous versions you can also set some security settings, such as session expiration, encryption key and other settings in the fileconfig.php. I’ve heard several criticisms regarding the CI Sesssions, but it’s always nice to configure it before.– user21846
@Jhonatanoliveira, I didn’t know that in the previous versions they were independent (I don’t use Codeigniter). I went to research and found this information in the documentation so I asked why he says "do not use native Sesssions"... but thanks for the information, it is always good to know these differences. It would be good if he added this information to the question, I think it is very relevant...
– Rafael Withoeft