CodeIgniter如何知道cookie保存有效的会话数据？ [英] How does CodeIgniter know a cookie holds valid session data?

问题描述

在CodeIgniter中，会话数据默认保存在cookie中。但是在我的服务器上还必须有一个文件（名为会话ID）来验证数据（在cookie中）是否有效，或者我错了？

In CodeIgniter, session data are saved in a cookie by default. But there must be also a file on my server (named as the session ID) to verify that the data (in the cookie) is valid, or am I wrong?

我正在搜索保存会话的位置。我已经查看了session.save_path目录（/ var / lib / php5），但在此目录中只有其他会话，但没有CodeIgniter会话。

I'm searching for the location where the sessions are saved. I've already looked in the "session.save_path" directory (/var/lib/php5), but in this directory there are only other sessions, but not the CodeIgniter sessions.

我不会在数据库中保存会话，因此CodeIgniter如何知道数据（在cookie中）是有效的？

I'm not saving the sessions in the database either, so how does CodeIgniter know that the data (in the cookie) is valid?

推荐答案

本地代码符号安装会覆盖正常的PHP会话处理，并使用自己的处理数据的系统，这就是为什么在正常场合找不到它的原因。 （我也会提到，我个人觉得它的实现有点不安全，因为所有的会话数据都直接存储在用户浏览器会话cookie中。）

The native codeigniter installation overrides the regular PHP session handling and uses their own system of handling the data which is the reason why you are unable to find it in the normal places. (also I would mention that I personally find the way it is implemented a little insecure since ALL of your session data is stored directly in the users browser session cookie.)

可以做为Residuum建议和回溯通过codeigniter会话库，并找到它的存储位置，或者你可以覆盖会话处理与类似OB_Session。 （ http://bleakview.orgfree.com/obsession/ ）

You can do as Residuum has suggested and backtrack through the codeigniter session library and find where it is being stored, or you can override the session handling with something like OB_Session. (http://bleakview.orgfree.com/obsession/)

我强烈建议您安装OB_Session或类似的东西，因为它将使用本地PHP会话处理，它将保持您的Cookie从以下任一A）变得太大，崩溃对浏览器字节限制或B）允许敏感的用户数据存储在客户端。

I would highly suggest that you install either OB_Session or something like it since it will then use the native PHP session handling and it will keep your cookies from either A) getting too large and crashing against the browser byte limit, or B) allowing sensitive user data to be stored client-side.

最后，根据您的尝试，我将遵循CI用户指南说明，将会话数据存储在数据库中。 （ http://codeigniter.com/user_guide/libraries/sessions.html ）此将使它更容易为您处理数据，甚至更新和扩展Codeigniter存储的内容。请记住，即使您将它存储在数据库中，您仍然必须更改为像OB_Session，因为您的cookie仍然保存所有数据，即使更改为数据库。

Finally, depending on what you are trying to do I would follow the CI user guide instructions and store the session data in the database. (http://codeigniter.com/user_guide/libraries/sessions.html) This would make it MUCH easier for you to work with the data and even update and extend what is stored by Codeigniter. Please keep in mind though that even if you store it in the database you STILL have to change to something like OB_Session since your cookie still holds all data even when changed to database.

这篇关于CodeIgniter如何知道cookie保存有效的会话数据？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！