How to get SID value from session_start()
Posted: Tue Oct 06, 2009 10:03 pm
Hello,
I am trying to create a session and store some user login information on my site. To increase more security, i would like to get the session value and store it into database.
I am generating a random 9 digit number when the user registers. This number is stored into database. When the user logs in, I am creating a MD5 of this random number and storing into session. For each page, I get this session random number, perform MD5 and check with the original random number that was created at the time of registering. Some how I feel, if an attacker knows that number then he can create mess as this session value unlike to change.
So now I am thinking about getting the session value at the time of login, when I use "session_start()" in my login script and store it into my database and check every time i think i should. This way, the session value wont be same all time.
So does any one know how do I retrieve SID when I start a session using "session_start()"? Just like this website, I can see my sid=5d23208a371eacde4b7fecf6192d7bb5 , I would like to store this in my database.
Thank you,
I am trying to create a session and store some user login information on my site. To increase more security, i would like to get the session value and store it into database.
I am generating a random 9 digit number when the user registers. This number is stored into database. When the user logs in, I am creating a MD5 of this random number and storing into session. For each page, I get this session random number, perform MD5 and check with the original random number that was created at the time of registering. Some how I feel, if an attacker knows that number then he can create mess as this session value unlike to change.
So now I am thinking about getting the session value at the time of login, when I use "session_start()" in my login script and store it into my database and check every time i think i should. This way, the session value wont be same all time.
So does any one know how do I retrieve SID when I start a session using "session_start()"? Just like this website, I can see my sid=5d23208a371eacde4b7fecf6192d7bb5 , I would like to store this in my database.
Thank you,