All geek questions in one place

How Sessions Work in Codeigniter

I am trying to figure out how sessions work in Codeigniter. Reading the online manual, I see the following:

If the session data does not exist (or if it has expired), a new session will be created and saved in a cookie. If the session does exist, its information will be updated and the cookie will be updated. With each update, session_id will be restored.

and

Note. Session cookies are only updated every five minutes by default to reduce processor load. If you reload the page again, you will notice that the "last activity" time is only updated if five or more minutes have passed since the last cookie was written. This time is adjusted by changing the line $ config ['sess_time_to_update'] in the system / config / config.php file.

Question :

  • What information is updated if the session exists when the page with the session class is loaded? Is this the session identifier stored in the cookie, or is the session data itself stored in the database?
  • Session cookies are updated only every 5 minutes. What if the user goes from page A to page B within 5 minutes, and this requires the addition of new session data? Logically, the session data should be updated, so I assume that I misunderstand this line ... In this case, I guess that the session cookie receives a new session identifier every 5 minutes.

Any clarifications will help!

+6
source share
1 answer

Yes, this is the session identifier stored in the cookie. It is restored every 5 minutes. And when the time comes for recovery, he will first receive the current session data and assign it to the new session identifier.

from the CI session library, sess_update () function:

// Save the old session id so we know which record to // update in the database if we need it $old_sessid = $this->userdata['session_id']; $new_sessid = ''; while (strlen($new_sessid) < 32) { $new_sessid .= mt_rand(0, mt_getrandmax()); } // To make the session ID even more secure we'll combine it with the user IP $new_sessid .= $this->CI->input->ip_address(); // Turn it into a hash $new_sessid = md5(uniqid($new_sessid, TRUE)); // Update the session data in the session data array $this->userdata['session_id'] = $new_sessid; $this->userdata['last_activity'] = $this->now;
+2
source

Source: https://habr.com/ru/post/908217/

More articles:


All Articles