CodeIgniter sessions vs PHP sessions
I'm relatively new to CodeIgniter and am making my first CI project in which there are user-accounts, etc. In the past, I have always used PHP's $_SESSION variable to this end. However, CI seems to have its own session mechanism, which it claims is "better"
CI's session mechanism seems to store all the data in a cookie? Personally I like the idea of all the data being stored on the server, accessed with a cookie-key like PHPs native session mechanism... Am I being dumb thinking that's better? Should I just accept CI's mechanism? Or should I go ahead and use native PHP sessions?
What do you guys do?
Thanks,
Mala
Answer
In my experience with CI I've encountered some anomalies with its sessions, but for most day-to-day needs the library is good and easy to work with. As it was pointed out, Flashdata is a very nice feature.
If you choose to stay with CI's sessions, I'd strongly suggest to store sessions in a database and, additionally, encrypt cookies:
$config['sess_encrypt_cookie'] = TRUE;
$config['sess_use_database'] = TRUE;
$config['sess_table_name'] = 'sessions';
The database structure should be as follows:
CREATE TABLE IF NOT EXISTS `sessions` (
session_id varchar(40) DEFAULT '0' NOT NULL,
ip_address varchar(16) DEFAULT '0' NOT NULL,
user_agent varchar(50) NOT NULL,
last_activity int(10) unsigned DEFAULT 0 NOT NULL,
user_data text NOT NULL,
PRIMARY KEY (session_id)
);