Hi all,

On Wed, Aug 10, 2016 at 7:03 PM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote:
> It requires a lot less user code
>
> session_rengenerate_id('myprefix-');
>
> yet it is safe.

I forgot to mention important requirement.
It is safe when 'session.use_strict_mode=1'.

Unfortunately, RFC for enabling use_strict_mode by default
https://wiki.php.net/rfc/session-use-strict-mode
is declined.

--
Yasuo Ohgaki
yohg...@ohgaki.net

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to