How to get SID value from session_start()

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
gimpact
Forum Commoner
Posts: 65
Joined: Tue Jun 16, 2009 11:08 pm

How to get SID value from session_start()

Post by gimpact »

Hello,

I am trying to create a session and store some user login information on my site. To increase more security, i would like to get the session value and store it into database.

I am generating a random 9 digit number when the user registers. This number is stored into database. When the user logs in, I am creating a MD5 of this random number and storing into session. For each page, I get this session random number, perform MD5 and check with the original random number that was created at the time of registering. Some how I feel, if an attacker knows that number then he can create mess as this session value unlike to change.

So now I am thinking about getting the session value at the time of login, when I use "session_start()" in my login script and store it into my database and check every time i think i should. This way, the session value wont be same all time.

So does any one know how do I retrieve SID when I start a session using "session_start()"? Just like this website, I can see my sid=5d23208a371eacde4b7fecf6192d7bb5 , I would like to store this in my database.

Thank you,
Phaaze
Forum Newbie
Posts: 2
Joined: Tue Oct 06, 2009 10:00 pm

Re: How to get SID value from session_start()

Post by Phaaze »

gimpact
Forum Commoner
Posts: 65
Joined: Tue Jun 16, 2009 11:08 pm

Re: How to get SID value from session_start()

Post by gimpact »

Thank you, now I have an idea. So my code should be like this if I wish to retrieve the session value? (when I have no session name)

Code: Select all

 
session_start();
$sessionID = session_id();
 
There was an example of getting SID but, i think it will be better to get the session ID alone into a variable and then process it .

Thank you again.
Post Reply