Added fatal error to Session class when no encryption key is set in the config file, for additional assurance that session manipulation can be prevented
diff --git a/system/libraries/Session.php b/system/libraries/Session.php
index cf6dc96..f413c0d 100644
--- a/system/libraries/Session.php
+++ b/system/libraries/Session.php
@@ -65,6 +65,11 @@
$this->$key = (isset($params[$key])) ? $params[$key] : $this->CI->config->item($key);
}
+ if ($this->encryption_key == '')
+ {
+ show_error('In order to use the Session class you are required to set an encryption key in your config file.');
+ }
+
// Load the string helper so we can use the strip_slashes() function
$this->CI->load->helper('string');
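Review bot: The new guard `if ($this->encryption_key == '')` rejects only an empty value, so a whitespace-only or trivially short key still passes, and the tamper protection the commit message aims for is only as strong as that key. Trimming before a strict comparison would close the whitespace case, `if (trim((string) $this->encryption_key) === '')`, and a minimum-length check could be added if the project wants to enforce one. The error text could also name the config item to set (presumably `encryption_key`, since the loop above copies config items onto same-named properties), so an operator knows what to change. The enclosing method starts and ends outside this hunk, so how the key is used afterwards is not visible here.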