How to validate user session on every page

Upon succesful login, you create a

$this->session->set_userdata(array('authorized' => true));

You can then make an auth library, or a model method, whatever suits you that just checks if this session data exists.

function is_logged(){  return (bool)$this->session->userdata('authorized');}

if FALSE, user is not logged, if TRUE it is. You can call this function on every controller's method you need to place behind authentication, or in controllr's constructor if you need it for all methods (ex. an admin panel)

have a look, for ex., on how Ion Auth, one of the mainstream Auth Libraries in CI, handles the thing (uses the logged_in() method which does the same as in my example code. Keep in mind that sessions are encrypted, and if stored in database security is even higher);https://github.com/benedmunds/CodeIgniter-Ion-Auth/blob/2/libraries/Ion_auth.php

Sessions are stored on the server so no validation is required. You only need to validate what you put in the session.

Sessions are authenticated by the user supplying a session_id cookie (PHPSESSID).

Cookies on the other do require validation, but cookies shouldn't be used to store critical data so it's a bit moot.

You should have write a function in helper like session_helper.And in constructor of your class call this helper method.If your user is logged in correctly then it will continue,other wise it will redirect to log in page.Your Helper should be like this

   function session_set()   {$ch=&get_instance();if($ch->session->userdata('your_session_id')==''){    redirect('your_login_page');}   

and in controller you should check like this(constructor)

   session_set();

Hope this will work for you