Does Kohana always use native sessions for something even when using database sessions?

Question

I'm using Kohana 3.3 and in my bootstrap.php I'm setting Session::$default = 'database';

Sessions are indeed going into the database and seem to be working fine. However, the browser is still getting a "native" session cookie. It has both "nsession" and "session" cookies.

Does Kohana 3.3 always use a native session for something, even when telling to default to database sessions?

Also, how do each of these sessions relate to how php handles sessions on a lower level, like the session files going into /var/lib/php5?

My Kohana session config:

return array(
    'native' => array(
        'name' => 'nsession',
        'lifetime' => 604800,
    ),
    'cookie' => array(
        'name' => 'csession',
        'encrypted' => TRUE,
        'lifetime' => 604800,
    ),
    'database' => array(
        'name' => 'session',
        'encrypted' => FALSE,
        'lifetime' => 604800,
        'group' => 'default',
        'table' => 'sessions2',
        'columns' => array(
            'session_id'  => 'session_id',
            'last_active' => 'last_active',
            'contents'    => 'contents'
        ),
        'gc' => 500,
    ),
);

Answer 1

No Kohana 3.3 should not make a "native session" cookie if you set the default to "database". It does save a session cookie with the session id though. If other cookies are still being created probably something else is going wrong.

Two things that come to mind is session.auto_start is true in your php.ini or somewhere you are still using the "native" session driver somewhere.

How the 3 work internally is pretty much the same. They all use the php SessionHandlerinterface. The only difference between the 3 drivers is how the session data is saved, retrieved and deleted.

Native:

PHP saves the session to a location on the disk. The location is specified in the php.ini file.

Cookie:

The session data gets saved into a cookie. So this implementation actually uses two cookies to save the session data. (1: session id, 2: session data)

Database:

The session data gets saved in a database.

I hope this helps you.