Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
822 views
in Technique[技术] by (71.8m points)

codeigniter - In order to use the Session class you are required to set an encryption key in your config file

I am in the process of upgrading codeigniter from 1.7.2 to 2.0.1.

Everything seems to have gone ok except I get

In order to use the Session class you are required to set an encryption key in your config file.

What is the change in 2.0.0/2.0.1 that has caused this?

What change do I need to make to fix this.

Will making said change break anything?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

ohai again https://www.codeigniter.com/user_guide/libraries/encryption.html :D

The reason they ask for an encryption key is security (obviously)

Note: Even if you are not using encrypted sessions, you must set an encryption key in your config file which is used to aid in preventing session data manipulation. - source: https://www.codeigniter.com/user_guide/libraries/sessions.html

This modification won't break your code. But be careful when updating from 1.7.2 to 2.0.1. I suggest you to backup your code :)

BTW they added this security improvement with the 2.0.0 version of CI. I don't know why they don't mention it in their upgrade guide though :(


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...