Skip to content

EckoSession

Jump to bottom Edit New page
World Wide Web Server edited this page Jul 4, 2012 · 15 revisions

Code Igniter bundles a session class, working with cookies. Unfortunately, this class stores session data directly inside the cookie, thus allowing the client to see and edit those data. Here is a replacement class that stores data in the database. (note: the original Code Igniter Session class can use a database, but only for validation purposes. The actual data is stored in the cookie itself)

[h3]1.) Using the class[/h3]

This class works with CI >= 1.71 (maby also with lower versions)

The usage is the same as the bundled Code Igniter session class. So you use it like described in the user guide:

[code]http://codeigniter.com/user_guide/libraries/sessions.html[/code]

Features:

  • Supports native PHP-Session-Handling
  • Supports CI-flashdata-Handling
  • Using a "fingerprint" instead of Browser or IP to identify the user

[h3]2.) Configuration[/h3]

This class uses the same configuration directives than the original session class. So don't forget to set inside your 'config.php' :

[code]$config['sess_cookie_name'] = 'mysite'; $config['sess_expiration'] = 7200; $config['sess_use_database'] = TRUE; $config['sess_table_name'] = 'ci_sessions'; $config['sess_match_ip'] = TRUE; $config['sess_match_useragent'] = FALSE; $config['cookie_prefix'] = ""; $config['cookie_domain'] = ""; $config['cookie_path'] = "/";[/code]

Additionally there are the folowing directives: [code]$config['sess_gc_probability'] = 0; $config['sess_gc_divisor'] = 0;[/code] Set to 0 the defaults (php.ini) are used for Garbage Collection.

[h3]3.) Database[/h3]

Here is the table schema needed by the new session class :

[code] CREATE TABLE ci_sessions ( session_id varchar(32) NOT NULL default '', fingerprint varchar(32) NOT NULL default '', session_data blob NOT NULL, session_expire int(11) NOT NULL default '0', PRIMARY KEY (session_id) ) ENGINE=MyISAM DEFAULT CHARSET=latin1; [/code]

[h3]4.) Installing the package[/h3]

Just get the zip File:EckoSession.zip .

Move the file [b]CI_Session.php[/b] in your [b]application/libraries[/b] directory. Then use the autoload feature of Code Igniter : open your "autoload.php" configuration file and add "db_session" in the core autoload array :

[code]$autoload['libraries'] = array('database', 'session');[/code]

[h3]5.) Inside working[/h3]

Using this class, the cookie only stores a unique session identifier. Everything else is matched from the database.

Category:SessionCategory:Libraries::Session

Category:Contributions::Libraries::PHP

Add a custom footer
Clone this wiki locally