What is PHPSESSID?

Issue

I’m playing around with cookies. And I dont have any cookies called PHPSESSID.

Do i need it? Can i remove it?

Whats the “function” of it?

if (count($_POST)) {

setcookie("TestCookie", htmlspecialchars($_POST['val']), time()+3600);
}

print_r($_COOKIE);

Prints:

Array
(
    [TestCookie] => blabla
    [PHPSESSID] => el4ukv0kqbvoirg7nkp4dncpk3
)

Solution

PHP uses one of two methods to keep track of sessions. If cookies are enabled, like in your case, it uses them.

If cookies are disabled, it uses the URL. Although this can be done securely, it’s harder and it often, well, isn’t. See, e.g., session fixation.

Search for it, you will get lots of SEO advice. The conventional wisdom is that you should use the cookies, but php will keep track of the session either way.

Answered By – DigitalRoss

This Answer collected from stackoverflow, is licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply

(*) Required, Your email will not be published