Hi all
Session ID can be non HEX strings. session_create_id() makes custom
session ID creation easier.
https://wiki.php.net/rfc/session-create-id
Please note that the implementation was in the session.c years ago.
The patch enables and add test for it.
Comments are appreciated!
--
Yasuo Ohgaki
yohgaki@ohgaki.net
Hi!
Session ID can be non HEX strings.
session_create_id()makes custom
session ID creation easier.
https://wiki.php.net/rfc/session-create-idPlease note that the implementation was in the session.c years ago.
The patch enables and add test for it.
I like the idea, but I would add a bit more details - where the ID comes
from? Can I control it, and if so, how? Is uniqueness ensured and if
not, how one is recommended to deal with it? Some code examples would
help too. Some of it may be obvious to people who have been discussing
session stuff for years now, but the RFC should be accessible to
everybody, not just those participating is specific discussion. Ideally,
one should be able to understand the RFC by knowing only what the PHP
manual says and reading the RFC text.
Thanks,
Stas Malyshev
smalyshev@gmail.com
Hi Stas,
Session ID can be non HEX strings.
session_create_id()makes custom
session ID creation easier.
https://wiki.php.net/rfc/session-create-idPlease note that the implementation was in the session.c years ago.
The patch enables and add test for it.I like the idea, but I would add a bit more details - where the ID comes
from? Can I control it, and if so, how? Is uniqueness ensured and if
not, how one is recommended to deal with it? Some code examples would
help too. Some of it may be obvious to people who have been discussing
session stuff for years now, but the RFC should be accessible to
everybody, not just those participating is specific discussion. Ideally,
one should be able to understand the RFC by knowing only what the PHP
manual says and reading the RFC text.
Thank you for your comment.
Added more description,
https://wiki.php.net/rfc/session-create-id
If you feel missing something. Please let me know.
Regards,
--
Yasuo Ohgaki
yohgaki@ohgaki.net