I am using CodeIgniter to save session data in a database but I noticed that CI also saves some of that session info at the client side. If I need a secure last_activity
time-stamp how do I know CI is retrieving the one from the database which is secure and not the one from the client side which is not?
Does it match both last_activity
timestamps to check for validity?
CodeIgniter从哪里检索会话数据?
- 写回答
- 好问题 0 提建议
- 追加酬金
- 关注问题
- 邀请回答
-
1条回答 默认 最新
- duanni5726 2014-05-04 17:56关注
my bad, that's what happen when you don't read carefully.
The answer is YES, does it has to match both.
This is from CodeIgniter Docs,
When session data is available in a database, every time a valid session is found in the user's cookie, a database query is performed to match it. If the session ID does not match, the session is destroyed. Session IDs can never be updated, they can only be generated when a new session is created.
So this means yes, it does a matching.
From GitHub (stable 2.1) you can take a look at the database matching process here:
https://github.com/EllisLab/CodeIgniter/blob/2.1-stable/system/libraries/Session.php#L135
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏 举报
悬赏问题
- ¥15 matlab实现基于主成分变换的图像融合。
- ¥15 对于相关问题的求解与代码
- ¥15 ubuntu子系统密码忘记
- ¥15 信号傅里叶变换在matlab上遇到的小问题请求帮助
- ¥15 保护模式-系统加载-段寄存器
- ¥15 电脑桌面设定一个区域禁止鼠标操作
- ¥15 求NPF226060磁芯的详细资料
- ¥15 使用R语言marginaleffects包进行边际效应图绘制
- ¥20 usb设备兼容性问题
- ¥15 错误(10048): “调用exui内部功能”库命令的参数“参数4”不能接受空数据。怎么解决啊