How to rename PHPSESSID?

Asked
Active3 hr before
Viewed126 times

7 Answers

phpsessidrename
90%

See this link for PHP runtime configuration. The variable you are looking for is session.name. You can also alter this programmatically by calling session_name before any call to session_start or session_register.,Try looking at PHP's reference., Is there any kind of biological mechanism that would allow a species with a naturally short lifespan to live longer through cannibalism? ,Asking for help, clarification, or responding to other answers.

session_name('mySessionName');
session_start();
88%

session_name — Get and/or set the current session name, The session name references the name of the session, which is used in cookies and URLs (e.g. PHPSESSID). It should contain only alphanumeric characters; it should be short and descriptive (i.e. for users with enabled cookie warnings). If name is specified and not null, the name of the current session is changed to its value. , Returns the name of the current session. If name is given and function updates the session name, name of the old session is returned, or false on failure. , session_name() returns the name of the current session. If name is given, session_name() will update the session name and return the old session name.

load more v
72%

I wonder how I can change the php session identifier from PHPSESSID to another so that it does not interfere with other PHP scripts running in the same domain. Is it possible?,See this link for PHP runtime tuning . The variable you are looking for is session.name. You can also change this programmatically by calling session_name before any call to session_start or session_register .,Show or hide UIButton in iPhone application using Objective-C - objective-c,How to remove all inherited CSS formatting for a table? - inheritance

session_name('mySessionName');
session_start();
65%

Wondering how I can change the php session id from PHPSESSID to something else so that it does not interfere with other PHP scripts running on the same domain. Is this possible?,See this link for PHP runtime configuration. The variable you are looking for is session.name. You can also alter this programmatically by calling session_name before any call to session_start or session_register.

Answer #2:

session_name('mySessionName');
session_start();
75%

Source: How to rename PHPSESSID?,See this link for PHP runtime configuration. The variable you are looking for is session.name. You can also alter this programmatically by calling session_name before any call to session_start or session_register.

See this link for PHP runtime configuration. The variable you are looking for is session.name. You can also alter this programmatically by calling session_name before any call to session_start or session_register.

session_name('mySessionName');
session_start();
40%

Fourth, the web server responds to the web browser with the PHPSESSID cookie in the response header. If the web browser allows cookies, it will save the PHPSESSID cookie, which stores the session id passed by the web server.,Fifth, in the subsequent request, for example, when you view the cart.php page, the web browser passes the PHPSESSID back to the web server. When the web server sees the PHPSESSID cookie, it will resume the session with the session id stored in the cookie.,When the session_start() runs at the first time, PHP generates a unique session id and passes it to the web browser in the form of a cookie named PHPSESSID.,If a session already exists, PHP checks the PHPSESSID cookie sent by the browser, the session_start() function will resume the existing session instead of creating a new one.

To create a new session, you call the session_start() function:

.wp - block - code {
      border: 0;
      padding: 0;
   }

   .wp - block - code > div {
      overflow: auto;
   }

   .shcb - language {
      border: 0;
      clip: rect(1 px, 1 px, 1 px, 1 px); -
      webkit - clip - path: inset(50 % );
      clip - path: inset(50 % );
      height: 1 px;
      margin: -1 px;
      overflow: hidden;
      padding: 0;
      position: absolute;
      width: 1 px;
      word - wrap: normal;
      word - break: normal;
   }

   .hljs {
      box - sizing: border - box;
   }

   .hljs.shcb - code - table {
      display: table;
      width: 100 % ;
   }

   .hljs.shcb - code - table > .shcb - loc {
      color: inherit;
      display: table - row;
      width: 100 % ;
   }

   .hljs.shcb - code - table.shcb - loc > span {
      display: table - cell;
   }

   .wp - block - code code.hljs: not(.shcb - wrap - lines) {
      white - space: pre;
   }

   .wp - block - code code.hljs.shcb - wrap - lines {
      white - space: pre - wrap;
   }

   .hljs.shcb - line - numbers {
      border - spacing: 0;
      counter - reset: line;
   }

   .hljs.shcb - line - numbers > .shcb - loc {
      counter - increment: line;
   }

   .hljs.shcb - line - numbers.shcb - loc > span {
      padding - left: 0.75 em;
   }

   .hljs.shcb - line - numbers.shcb - loc::before {
      border - right: 1 px solid #ddd;
      content: counter(line);
      display: table - cell;
      padding: 0 0.75 em;
      text - align: right; -
      webkit - user - select: none; -
      moz - user - select: none; -
      ms - user - select: none;
      user - select: none;
      white - space: nowrap;
      width: 1 % ;
   } < ? php

session_start();
Code language: HTML, XML(xml)
load more v
22%

Using ini_set('session.cookie_httponly', 1); will configure PHP to add the flag on the session_id cookie.,The PHPSESSID is stored in the clients cookie so I don't consider it as secure. Someone might bruteforce it and perform some action (like a Facebook status post) whenever a session was successfully hijacked.,Setting the seventh parameter of the setcookie function to true will set the HttpOnly flag on the session_key cookie. More information about all the parameters can be found on the official documentation : http://php.net/manual/function.setcookie.php,Depending of the attack, your code might be either may be more secure than the traditional use of PHP sessions.

Regarding the code itself:

// Generate a random lowercase alphanumeric string
$sessionKey = substr(str_shuffle(str_repeat('0123456789abcdefghijklmnopqrstuvwxyz', 5)), 0, 32);

Other "phpsessid-rename" queries related to "How to rename PHPSESSID?"