Sessions... SID... ???

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
patnet2004
Forum Newbie
Posts: 14
Joined: Sat Jul 19, 2003 3:26 am
Location: Computer Desk

Sessions... SID... ???

Post by patnet2004 »

im new to php and im just now getting into sessions and i have a few questions that my book doesn't answer directly...

when i call session_start() it makes a const named "SID", right?

so this SID is totally unique?

and the only way it would ever be reused is if i call the session_destroy() function?
User avatar
Fredix
Forum Contributor
Posts: 101
Joined: Fri Jul 18, 2003 2:16 pm
Location: Wehr (Eifel) Germany
Contact:

Post by Fredix »

yes, once a sid is a assigned it would not be given to a second person until you either destroy it or until it expires.

as far as I know there is only one problem with session ids: they might be guessed by chance and then a second person is handled like the first one and this is a security risc. But i think this is nearly impossible
Post Reply