NaggingWoman
New Member
I have a question about sessions. How do you make a secure login session/cookie.I was looking at this example where they add this array to the session:\[code\]$data = http://stackoverflow.com/questions/3641958/array{ username = $_POST['username']; is_logged = true;}\[/code\]I was wondering if this is enough? Is it not possible to change the username in the cookie to anything or anyone? What would be a good way to go about this?Or is this completely safe and am I missing something?Also, what do you guys think about storing sessions in the DB? I know tha CI has a built in function to do this. Does this cause any problems performance-wise, or is it worth enabeling?