Why does codeigniter store its sessiondata in a cookie?

Question

Why does Codeigniter do this? I mean isn\'t it very insecure if users can see which data is stored in their session? And and what if they change a value in the cookie?

Answer 1

check this out: https://bitbucket.org/xperez/core-session-storage-for-codeigniter

its a wrapper for ci_session interface with native php sessions and thus works also with memcached and not DB.

Cheers