How to use and handle sessions in CodeIgniter

In CodeIgniter, sessions are used to store and manage user-specific data across multiple pages or requests. Sessions are essential for maintaining user authentication, storing shopping cart information, and various other scenarios where you need to persist data between HTTP requests. Here's a step-by-step guide on how to use and handle sessions in CodeIgniter:

1. Configuration

Make sure sessions are configured correctly in your config.php file application/config/config.php

$config['sess_driver'] = 'database'; // Choose your session driver (database, files, etc.)
$config['sess_cookie_name'] = 'ci_session'; // Name of the session cookie
$config['sess_expiration'] = 7200; // Session expiration time (in seconds)
$config['sess_save_path'] = 'ci_sessions'; // Session save path for the database driver
$config['sess_match_ip'] = FALSE; // Match the user's IP address for security
$config['sess_time_to_update'] = 300; // Time to refresh the session data (in seconds)

2. Load the Session Library

In your controller, load the session library in the constructor or the method where you intend to use sessions:


3. Setting Session Data

You can store data in sessions using the set_userdata method:

$this->session->set_userdata('user_id', 123);
$this->session->set_userdata('username', 'alfaiz');

4. Getting Session Data

Retrieve session data using the userdata method:

$user_id = $this->session->userdata('user_id');
$username = $this->session->userdata('username');

5. Unsetting Session Data

To remove session data, use the unset_userdata method:


6. Flashdata

Flashdata is data that is available only for the next request and is automatically removed afterward. You can use it for displaying success or error messages. Set flashdata like this:

$this->session->set_flashdata('message', 'Data saved successfully');

Retrieve flashdata like regular session data:

$message = $this->session->flashdata('message');

7. Destroying a Session

To destroy the entire session, use the sess_destroy method. Typically, this is used when a user logs out:


8. Checking if a Session Variable Exists

You can check if a session variable exists using the has_userdata method:

if ($this->session->has_userdata('user_id')) {
    // Session variable exists

9. Security

Ensure that you follow security best practices when working with sessions. CodeIgniter provides built-in security features, but you should still be cautious about storing sensitive information in sessions.

10. Database Session Storage (Optional)

If you chose the database driver for session storage, make sure to create the required session table. You can find the SQL schema for the session table in the session.php configuration file application/config/session.php.

11. Auto-Loading Sessions (Optional)

If you want sessions to be available globally in all controllers and methods, you can set the session library to autoload in application/config/autoload.php:

$autoload['libraries'] = array('session');

That's a basic overview of how to use and handle sessions in CodeIgniter. You can adapt these steps to your specific application needs. Remember to consult the official CodeIgniter documentation for more details and advanced usage. Check Codeigniter Document

Muhammad Alfaiz
Alfaiz 6 months ago
Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x