diff options
Diffstat (limited to 'user_guide_src/source/libraries/sessions.rst')
-rw-r--r-- | user_guide_src/source/libraries/sessions.rst | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index 994dc2e08..b87508aba 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -112,7 +112,7 @@ Session data is simply an array associated with a particular session ID (cookie). If you've used sessions in PHP before, you should be familiar with PHP's -`$_SESSION superglobal <http://php.net/manual/en/reserved.variables.session.php>`_ +`$_SESSION superglobal <https://secure.php.net/manual/en/reserved.variables.session.php>`_ (if not, please read the content on that link). CodeIgniter gives access to its session data through the same means, as it @@ -391,7 +391,7 @@ Destroying a Session ==================== To clear the current session (for example, during a logout), you may -simply use either PHP's `session_destroy() <http://php.net/session_destroy>`_ +simply use either PHP's `session_destroy() <https://secure.php.net/session_destroy>`_ function, or the ``sess_destroy()`` method. Both will work in exactly the same way:: @@ -438,6 +438,8 @@ Preference Default Options ============================ =============== ======================================== ============================================================================================ **sess_driver** files files/database/redis/memcached/*custom* The session storage driver to use. **sess_cookie_name** ci_session [A-Za-z\_-] characters only The name used for the session cookie. +**sess_samesite** ci_session 'Lax', 'Strict' or 'None' SameSite attribute value for session cookies. + Defaults to ``session.cookie_samesite`` on PHP 7.3+ or 'Lax' if not present at all. **sess_expiration** 7200 (2 hours) Time in seconds (integer) The number of seconds you would like the session to last. If you would like a non-expiring session (until browser is closed) set the value to zero: 0 **sess_save_path** NULL None Specifies the storage location, depends on the driver being used. @@ -516,7 +518,7 @@ mind that it is in fact not the same code and it has some limitations To be more specific, it doesn't support PHP's `directory level and mode formats used in session.save_path -<http://php.net/manual/en/session.configuration.php#ini.session.save-path>`_, +<https://secure.php.net/manual/en/session.configuration.php#ini.session.save-path>`_, and it has most of the options hard-coded for safety. Instead, only absolute paths are supported for ``$config['sess_save_path']``. @@ -554,7 +556,7 @@ increase - which is the time when it matters - the file system will consistently outperform almost all relational database setups. In addition, if performance is your only concern, you may want to look -into using `tmpfs <http://eddmann.com/posts/storing-php-sessions-file-caches-in-memory-using-tmpfs/>`_, +into using `tmpfs <https://eddmann.com/posts/storing-php-sessions-file-caches-in-memory-using-tmpfs/>`_, (warning: external resource), which can make your sessions blazing fast. Database Driver @@ -679,7 +681,7 @@ Memcached Driver The 'memcached' driver is very similar to the 'redis' one in all of its properties, except perhaps for availability, because PHP's `Memcached -<http://php.net/memcached>`_ extension is distributed via PECL and some +<https://secure.php.net/memcached>`_ extension is distributed via PECL and some Linux distrubutions make it available as an easy to install package. Other than that, and without any intentional bias towards Redis, there's @@ -754,7 +756,7 @@ when creating a session driver for CodeIgniter: - Implement the `SessionHandlerInterface - <http://php.net/sessionhandlerinterface>`_ interface. + <https://secure.php.net/sessionhandlerinterface>`_ interface. .. note:: You may notice that ``SessionHandlerInterface`` is provided by PHP since version 5.4.0. CodeIgniter will automatically declare @@ -1016,7 +1018,7 @@ Class Reference .. note:: This method is just an alias for PHP's native `session_regenerate_id() - <http://php.net/session_regenerate_id>`_ function. + <https://secure.php.net/session_regenerate_id>`_ function. .. php:method:: sess_destroy() @@ -1030,7 +1032,7 @@ Class Reference .. note:: This method is just an alias for PHP's native `session_destroy() - <http://php.net/session_destroy>`_ function. + <https://secure.php.net/session_destroy>`_ function. .. php:method:: __get($key) |