Differences

This shows you the differences between two versions of the page.

--- v5:session:reference:adodb_session_regenerate_id [2016/05/22 01:13] – [Usage] mnewnham
+++ v5:session:reference:adodb_session_regenerate_id [2018/07/01 22:05] (current) – typo in class name peterdd
@@ Line 10: / Line 10: @@
 ===== Description =======
 Since PHP V4.21, this function has simply been a wrapper for the PHP function [[http://php.net/manual/en/function.session-regenerate-id.php|session_regenerate_id()]] .
-=====Usage=====
-<code php>
-include_once 'adodb/adodb.inc.php';
+===== Session Cookie Regeneration =====
-include_once "adodb/session/adodb-session2.php";
-ADODB_session::config($driver,$host,$user,$pass,$database);
+The method ''adodb_session_regenerate_id()'' will dynamically change the current session id with a newly generated one and update database. This currently only works with cookies. Useful to improve security by reducing the risk of session-hijacking.
-$_SESSION['key1'] = 'value1';
+=====Usage=====
-$_SESSION['key2']['sub1'] = 'subvalue1';
+<code php>
-$_SESSION['key2']['sub2'] = 'subvalue2';
+include 'adodb/adodb-session2.php';
+ADODB_Session::config($driver,$host,$user,$pass,$database);
+session_start();
+/*
+* Approximately every 10 page loads, reset cookie for safety.
+* This is extremely simplistic example, better
+* to regenerate only when the user logs in or changes
+* user privilege levels.
+*/
+if ((rand()%10) == 0)
+    adodb_session_regenerate_id();
+</code>
-adodb_session_regenerate_id();
-</code>