0

When is the proper time to use userdata? Why is it good/not good? And how should I use it properly?

When is it bad/not conventional to use?

Specifically, what's the best convention/method to utilize the session class: https://www.codeigniter.com/user_guide/libraries/sessions.html

Stack Programmer
  • 679
  • 6
  • 18
Kevin Brown
  • 12,602
  • 34
  • 95
  • 155

1 Answers1

1

Sessions should be used whenever you want to preserve state between two different HTTP requests. You generally want to:

  • Store session information on the server side (i.e. don't pass it all back and forth in cookies).
  • Protect yourself against Cross Site Forgery Requests (CSFR) by generating a unique key for each request and validating the key when the request returns.
  • Store only that information that will need to be accessed repeatedly. (Don't shove the 5,000+ results of the query you just ran for them into their session for example -- use caching instead.)
  • Read about PHP's $_SESSION since CodeIgniter's session is a wrapper around $_SESSION.
  • Understand how to maintain a secure session -- and know what CodeIgniter handles for you, and what you will need to do yourself.
Community
  • 1
  • 1
Sean Vieira
  • 155,703
  • 32
  • 311
  • 293