Updating session ID for added security

Asked

Viewed 30 times

0

for me to keep my session data more secure, I can update the session id on each page by staying as follows:

 if (!isset($_SESSION)) { session_start(); session_regenerate_id();

}  

This will overload the server?

  • This code there makes no sense. If you are going to use session, session_start() does not have to be inside if. Similarly, session_regenerate_id() would not work without Session, it still makes no sense to depend on if. As for changing the session id, the biggest "benefit" you’ll get at the current stage is creating headaches to debug your code.

1 answer

1


It will not overload no, only if you have like thousands, or millions or a little more than that of kk pages, otherwise it will not influence so much in the server

  • or else, can I update my id only on certain pages? What is more coherent?

  • I wouldn’t worry about changing the id so much, you can do this on some pages, or only when there is some change not session, but worry more about encrypting the data that will be in this session. But any extra security is welcome

  • got it. thanks for the clarifications.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.