Hi, just wondering how you initially set the session name with,
ini_set("session.name", "");
Does this have to be set with a $_SESSION, once you have 'session_start'?
Just wondering how to implement it.
Thanks in advance, Tim
Normally there should be no need to set the session name within a given script (at least, I've never messed with it). However, if you have some specific reason for doing so, you can use the [man]session_name/man function to do so.
Thanks for your reply NogDog. Helpful indeed.
So there is no point in changing the standard cookie session name from 'PHPSESSID'?
I thought that If I hide all traces of PHP from users eye's it might help with security.
Thanks for thoughts, Tim
Knowing the cookie name won't do much good to a malicious user without knowing a valid and active session ID, and if any halfway competent hacker wants to know what name you use for the session cookie, it will be pretty easy to figure out (just look for a cookie from your domain with a value that looks like a session ID).
It can't hurt anything to change it to something else if you want to, though I'd probably change it via a .htaccess file entry rather than in each script (assuming you're running under Apache). But personally I would not bother, myself.
Thanks NogDog, That's all I needed to know.
Cheers Tim
