I am using CodeIgniter to save session data in a database but I noticed that CI also saves some of that session info at the client side. If I need a secure last_activity
time-stamp how do I know CI is retrieving the one from the database which is secure and not the one from the client side which is not?
Does it match both last_activity
timestamps to check for validity?
CodeIgniter从哪里检索会话数据?
- 写回答
- 好问题 0 提建议
- 追加酬金
- 关注问题
- 邀请回答
-
1条回答 默认 最新
- duanni5726 2014-05-04 17:56关注
my bad, that's what happen when you don't read carefully.
The answer is YES, does it has to match both.
This is from CodeIgniter Docs,
When session data is available in a database, every time a valid session is found in the user's cookie, a database query is performed to match it. If the session ID does not match, the session is destroyed. Session IDs can never be updated, they can only be generated when a new session is created.
So this means yes, it does a matching.
From GitHub (stable 2.1) you can take a look at the database matching process here:
https://github.com/EllisLab/CodeIgniter/blob/2.1-stable/system/libraries/Session.php#L135
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏 举报
悬赏问题
- ¥15 msix packaging tool打包问题
- ¥28 微信小程序开发页面布局没问题,真机调试的时候页面布局就乱了
- ¥15 python的qt5界面
- ¥15 无线电能传输系统MATLAB仿真问题
- ¥50 如何用脚本实现输入法的热键设置
- ¥20 我想使用一些网络协议或者部分协议也行,主要想实现类似于traceroute的一定步长内的路由拓扑功能
- ¥30 深度学习,前后端连接
- ¥15 孟德尔随机化结果不一致
- ¥15 apm2.8飞控罗盘bad health,加速度计校准失败
- ¥15 求解O-S方程的特征值问题给出边界层布拉休斯平行流的中性曲线