CodeIgniter-Aauth
CodeIgniter-Aauth copied to clipboard
Unspecific session variable names for user
The user data of the logged in user is set to a session in the login
function. But these variables seem too unspecific. Just having the user id as $_SESSION['id']
seems it could be in the risk for being overridden by something else with an id that it wants to save in the session.
// create session
$data = array(
'id' => $row->id,
'username' => $row->username,
'email' => $row->email,
'loggedin' => TRUE
);
$this->CI->session->set_userdata($data);
A better way seems to me to be to store all these variables in an user-array and save that in the session. This is easily done by just adding one small thing in the session saving. Something like this:
// create session
$data = array(
'id' => $row->id,
'username' => $row->username,
'email' => $row->email,
'loggedin' => TRUE
);
$this->CI->session->set_userdata('user', $data);
This would result in the user data being available from $_SESSION['user']['id']
etc.
Thats a good idead, but i would not add this in v2 this could break some custom created functions from users.
Sounds reasonable!
Really good idea 👍
i agree sounds better