Added fatal error to Session class when no encryption key is set in the config file, for additional assurance that session manipulation can be prevented
diff --git a/user_guide/libraries/sessions.html b/user_guide/libraries/sessions.html
index 9a2ca93..7dc386f 100644
--- a/user_guide/libraries/sessions.html
+++ b/user_guide/libraries/sessions.html
@@ -68,6 +68,9 @@
<p class="important"><strong>Note:</strong> The Session class does <strong>not</strong> utilize native PHP sessions. It
generates its own session data, offering more flexibility for developers.</p>
+<p class="important"><strong>Note:</strong> Even if you are not using encrypted sessions, you must set
+an encryption key in your config file which is used to aid in preventing session data manipulation.</p>
+
<h2>Initializing a Session</h2>
<p>Sessions will typically run globally with each page load, so the session class must either be