I found a PHP class
The article that talks about it can be found How to create a bulletproof-sessions
This class is about creating a secured session where the session_id
changes with every request and the also request is destroyed so an attacker won't be able to find any session.
The instructions states, in order to create a new session then you do:
// Creates a basic session.
SessionManager::sessionStart('InstallationName');
But how can I set a session variable? (ie. $_SESSION['first_name'] = 'Mike';
)
So how can I save different variables in this session?
When I take a look at the class itself, (http://phpsessionmanager.googlecode.com/svn/trunk/Session.class.php) I think that this class isn't being used to initiate a session variable as you want to use it.
For example: You can initialize this class AFTER a user logged in on your site. This way, you can identify the user (afterwards) without the need for requesting the user credentials again.
Correct me if I'm wrong.