Menu
I am in the process of upgrading codeigniter from 1.7.2 to 2.0.1.
Everything seems to have gone ok except I get
In order to use the Session class you are required to set an encryption key in your config file.
What is the change in 2.0.0/2.0.1 that has caused this?
What change do I need to make to fix this.
Will making said change break anything?
583
The CodeIgniter 2.0. 2 requires to set an encryption key in the config file i.e. $config['encryption_key'] , if you want to use Session class.
Setting your encryption_key An encryption key is a piece of information that controls the cryptographic process and permits a plain-text string to be encrypted, and afterwards - decrypted.
ohai again https://www.codeigniter.com/user_guide/libraries/encryption.html :D
The reason they ask for an encryption key is security (obviously)
Note: Even if you are not using encrypted sessions, you must set an encryption key in your config file which is used to aid in preventing session data manipulation. - source: https://www.codeigniter.com/user_guide/libraries/sessions.html
This modification won't break your code. But be careful when updating from 1.7.2 to 2.0.1. I suggest you to backup your code :)
BTW they added this security improvement with the 2.0.0 version of CI. I don't know why they don't mention it in their upgrade guide though :(
140
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
