My project in codeigniter and problem is that if some user disable cookie then he can't login in to my project.
Asked
Active
Viewed 132 times
0
-
What's your question? – Jonnix Feb 10 '16 at 15:00
-
So try to put a message that says you must active your cookie – Mulham Aryan Feb 10 '16 at 15:02
-
You'd have to send the session id back and forth so that the server knows which session to use when a request is made. – jeroen Feb 10 '16 at 15:05
-
I want to achieve it without cookies because I want that if user not willing to enable cookies then he/she can also login – Muhammad Waqas Feb 10 '16 at 17:34
1 Answers
0
In case you want to work with customer session when cookie is turned off entirely,
you can use:
ini_set("session.use_only_cookies", 0); // will force the appendage of a session id to each url
However, this way has it's own disadvantages, e.g. in case not using secure connection (e.g. http) session id can be stollen and etc.
sergio
- 5,210
- 7
- 24
- 46
-
This should be avoided at all costs, due to many security problems (not just session hijacking as you indicate, but also fixation attacks). It's hard to get it right. – ircmaxell Feb 10 '16 at 16:07
-
-
@sergio is there any library to work with session in codeigniter without using cookies – Muhammad Waqas Feb 10 '16 at 17:35