Re: [RFC] Secure Session Module Options by Default

From:	Stas Malyshev	Date:	Sun, 02 Feb 2014 07:14:04 +0000
Subject:	Re: [RFC] Secure Session Module Options by Default
References:	1 2 3	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message

Hi!

> To set user defined session ID, user has to do
> 
> ini_set('session.use_strict_mode', FALSE);
> session_id(session_create_id('SOME-USEFUL-PREFIX'));
> 
> With this change, user could do
> 
> session_id(session_create_id('SOME-USEFUL-PREFIX'));

I think having parameter on session_id is preferable. What happens if
this is not set and you do session_id('blah') - does it start the
session? What is returned from session_id as the result?


-- 
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227


   

Thread (30 messages)

• Yasuo OhgakiSat, 01 Feb 2014 22:33:37 +0000
  • Stas MalyshevSat, 01 Feb 2014 22:52:56 +0000
    • Yasuo OhgakiSat, 01 Feb 2014 23:59:59 +0000
      • Yasuo OhgakiSun, 02 Feb 2014 00:06:54 +0000
      • Stas MalyshevSun, 02 Feb 2014 07:14:04 +0000
        • Yasuo OhgakiSun, 02 Feb 2014 09:50:17 +0000
          • Yasuo OhgakiSun, 02 Feb 2014 09:51:51 +0000
          • Stas MalyshevSun, 02 Feb 2014 10:25:50 +0000
            • Yasuo OhgakiMon, 03 Feb 2014 02:08:28 +0000
              • Stas MalyshevMon, 03 Feb 2014 08:23:22 +0000
                • Yasuo OhgakiMon, 03 Feb 2014 10:35:26 +0000
                  • Pierre JoyeMon, 03 Feb 2014 10:43:22 +0000
                    • Yasuo OhgakiMon, 03 Feb 2014 10:47:59 +0000
                  • Lester CaineMon, 03 Feb 2014 11:02:09 +0000
  • Yasuo OhgakiSun, 02 Feb 2014 06:50:03 +0000Re: [RFC] Secure Session Module Options by Default
  • Yasuo OhgakiThu, 06 Feb 2014 06:15:11 +0000Re: [RFC] Secure Session Module Options by Default
    • Yasuo OhgakiThu, 06 Feb 2014 06:26:10 +0000
• Andrey AndreevMon, 03 Feb 2014 07:31:28 +0000Re: [RFC] Secure Session Module Options by Default
  • Yasuo OhgakiMon, 03 Feb 2014 10:18:46 +0000
    • Andrey AndreevMon, 03 Feb 2014 10:54:01 +0000
      • Yasuo OhgakiMon, 03 Feb 2014 21:48:17 +0000
        • Andrey AndreevMon, 03 Feb 2014 22:29:52 +0000
          • Yasuo OhgakiMon, 03 Feb 2014 23:05:06 +0000
            • Andrey AndreevTue, 04 Feb 2014 12:59:33 +0000
              • Yasuo OhgakiWed, 05 Feb 2014 00:13:42 +0000
                • Andrey AndreevWed, 05 Feb 2014 20:00:52 +0000
                  • Yasuo OhgakiWed, 05 Feb 2014 21:58:44 +0000
                    • Andrey AndreevThu, 03 Apr 2014 09:31:58 +0000
                      • Yasuo OhgakiFri, 04 Apr 2014 09:14:07 +0000
                        • Yasuo OhgakiMon, 12 May 2014 08:13:33 +0000