summaryrefslogtreecommitdiffstats
path: root/system/libraries/Session.php
diff options
context:
space:
mode:
authorDerek Jones <derek.jones@ellislab.com>2010-08-31 04:31:08 +0200
committerDerek Jones <derek.jones@ellislab.com>2010-08-31 04:31:08 +0200
commit5485db50775d4e2f76a593ef8b3425f6a1b90666 (patch)
tree1b934405afbdcd4501237b11959117006806784b /system/libraries/Session.php
parent60f8c395f24ba6db80d510892bcc53ce5bf9f4eb (diff)
Added fatal error to Session class when no encryption key is set in the config file, for additional assurance that session manipulation can be prevented
Diffstat (limited to 'system/libraries/Session.php')
-rw-r--r--system/libraries/Session.php5
1 files changed, 5 insertions, 0 deletions
diff --git a/system/libraries/Session.php b/system/libraries/Session.php
index cf6dc96e3..f413c0d1b 100644
--- a/system/libraries/Session.php
+++ b/system/libraries/Session.php
@@ -65,6 +65,11 @@ class CI_Session {
$this->$key = (isset($params[$key])) ? $params[$key] : $this->CI->config->item($key);
}
+ if ($this->encryption_key == '')
+ {
+ show_error('In order to use the Session class you are required to set an encryption key in your config file.');
+ }
+
// Load the string helper so we can use the strip_slashes() function
$this->CI->load->helper('string');