I’m going to use Codeigniter’s session data for my login system, but first I wanted to understand them, so I read the user guide, and from what I understand, Codeigniter’s session data are just cookies.
Is this true? which means if the user disables cookies he wont be able to login to any website using Codeigniter’s session data?
quoted:
The Session class stores session information for each user as serialized (and optionally encrypted) data in a cookie
So that means I should create my own native PHP session data to make users who disable cookies able to login my website? or Codeigniter’s session data are not just cookies?
Yes, the CodeIgniter’s inbuilt session class does use cookies, however, even the standard Sessions in PHP need cookies.
Thus, no matter which route you go, CodeIgniter Session, or the standard Session, either ways if the user does not have cookies enabled, Sessions won’t work.
The advantage of CodeIgniter’s Session class is it automatically encrypts the data as well to prevent cookie tampering, plus allows you to authenticate the cookie against a database.