I am trying to understand how sessions really work. On my site when a user logs in I store the user's id in his session. What I want to know is when that user visits other sites while logged in on my site, can that site access or retrieve that session info or the PHPSESSID stored on the user's computer? Because I believe that is stored in the cookie, so it should be accessible.
I've read few articles on session but still I do not know how exactly they work.
Thank you.
No, since:
PHPSESSID is stored by browser, rest all things are stored at server. using PHPSESSID all session data is retrieved by php . like in database, we can get all details with primary key. it's like similar. But you don't need to do anything php do all things for you. you just use $_SESSION array. Cookies saved by browser are not sent to any other domain name. It can be sent to sub-domain, like example.com , abc.example.com etc but it's advance and you have control in which sub-domain you want to send.