No, it’s not. You can enable it by configuring session component in your configuration array. Set ‘class’=>‘CDbHttpSession’ to let Yii control everything.
Once it is turned on, you can use setState without sending data out in cookies.
I understand the OP’s concern. I wondered what the rationale is behind disabling server side session storage. Other than the data mining crowd, I haven’t seen anyone use cookies, except sessions cookies, for… well, I can’t remember the last time. If it’s just ffor “auto login”, it’s a high price to pay, imo.
Regardless, ding0, don’t revert to globals, that’s worse.
If you are using a database (id db in this case), then add the following to main.php and sessions will be stored in a table called YiiSession. It’s so easy, and there’s no work involved.
If I don’t explicitly want it to use session, then it shouldn’t. Still, there must be a way when I can store user related information. If I don’t provide storage, it should use whichever has the most accessibility.
Generally, it is a wrong idea not to take advantage of sessions.
If you specify ‘connectionID’, your session data will appear in your primary database. I don’t want to see in my backups, so I just leave that out and let Yii use runtime folder to create sqlite db.
It actually won’t. If there is a checkbox saying ‘remember me’, I always tick that. Saves me one click on every website I regularly use. Saves me thousands of clicks in each month.