I have some confusion with session handling 开发者_运维技巧in PHP. I know how to regenerate new session ID in PHP using session_regenerate_id();, but I don't understand why and when I should regenerate a new session ID.
I have been googling for some time without avail. No one explains why I need to regenerate a new session ID.
Can someone explain why and when I would need to regenerate a new session ID?
The reason that regenerating sessions is seen as good, is that it tries to prevent session fixation (or at least limit the damage).
Depends on your situation. Most of the time you shouldn't need to regenerate the ID
All you will need is session_start at the top of you pages.
I Would recommend reading the manual on sessions http://www.php.net/manual/en/book.session.php
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论