Stacks wrote:Could you give me an example? I've never seen a "custom" session Id.
Code: Select all
<?php
// start session
session_start();
// create a random number
$random_number = mt_srand();
// hash it to make it more difficult to guess
$random_hashed_number = hash('md5', $random_number);
// create a session variable
$_SESSION['custom_sessionId'] = $random_hashed_number;
//
?>Code: Select all
<?php
//
session_start();
//
if (!isset($_SESSION['custom_sessionId']) || (!isset($_SESSION['another_value'])) {
header('invalid.page');
}
?>