如何将codeigniter的会话系统与$ _SESSION内置的PHP分开? [英] How are codeigniter's session system separated with PHP's built in $_SESSION?
问题描述
如手册所述:
注意:Session类不使用本机PHP会话.它 生成自己的会话数据,从而为 开发人员.
Note: The Session class does not utilize native PHP sessions. It generates its own session data, offering more flexibility for developers.
但是当我使用$this->session->set_userdata(array('sample_key' => 'sample_value'));
存储一些数据时,在phpinfo()
中我可以在其中找到sample_key
和sample_value
.
But when I store some data using $this->session->set_userdata(array('sample_key' => 'sample_value'));
, in phpinfo()
I can find sample_key
and sample_value
in that.
我希望这部分
不利用本地PHP会话
does not utilize native PHP sessions
意味着它隐藏了phpinfo()
中的会话变量.
to be meaning that it hides the session variables from phpinfo()
.
我一直认为这可能是安全方面的不足.可以吗?
I'd always thought that it might be a security lack. Could it be?
看起来,这些值是urlencode
ed.
As it seems, the values are urlencode
ed.
推荐答案
CodeIgniter的会话"仅将数据存储在cookie中,并将其称为会话.本机PHP会话将数据存储在服务器上,并将"sessionID"存储在cookie中.
CodeIgniter's "session" just stores the data in a cookie, and calls it a session. Native PHP sessions store the data on the server, and a "sessionID" in a cookie.
在phpinfo
中,您可以看到变量,但是在您的会话中,看不到其他用户的会话.
In phpinfo
, you can see the variables, but it's your session, you can't see another user's session.
这篇关于如何将codeigniter的会话系统与$ _SESSION内置的PHP分开?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!