Joe Bobby
Reputation: 2811
Creating Session ID from MD5 Hash
Currently I have this:
$time = time();
$hash = md5($key . $time);
but how do I create a $_SESSION[''] based on the the hash?
Upvotes: 0
Views: 2968
Answers (3)
Whirlwind
Reputation: 13675
If your goal is to make session more secure against session fixation attacks, you can use session_regenerate_id and re-create a new session_id after every x requests:
$_SESSION['last_time_generated']++;
if ($_SESSION['last_time_generated'] > 10) {
$_SESSION['last_time_generated'] = 0;
session_regenerate_id(true);
}
Upvotes: 0
James R
Reputation: 276
I cant see why this wont work.
$time = time();
$hash = md5($key . $time);
$_SESSION['time'] = $hash;
Then try echo it to test:
echo $_SESSION['time'];
or store in your own var
$mysession = $_SESSION['time'];
Upvotes: 1
smiggle
Reputation: 1259
Try it with:
session_id($hash);
session_start();
You can find the explanation in the manuals:
http://php.net/manual/en/function.session-id.php
Upvotes: 2
Related Questions
- md5 hashing using password as salt?
- Represent MD5 hash as an integer
- PHP: Get md5 hash of string + integer addition?
- What is the best way to create a random hash/string?
- PHP Script to MD5 Hash Each Line Separately
- PHP adding up MD5 hashes?
- How do you create "good" random md5 hashes in php?
- PHP md5 generating different hash each time
- Making An md5 hash of hashes
- PHP MD5 hashing