English
English
<?php
// Custom SessionHandler
class CustomSessionHandler extends SessionHandler
{
public function create_sid()
{
// Generate a session ID with a 16-byte random string + current timestamp for uniqueness and unpredictability
return bin2hex(random_bytes(16)) . '-' . time();
}
}
<p>// Instantiate the custom handler<br>
$handler = new CustomSessionHandler();</p>
<p>// Set the custom session handler<br>
session_set_save_handler($handler, true);</p>
<p>// Start the session with the custom session ID generation logic<br>
session_start();</p>
<p>echo "Current Session ID: " . session_id();<br>
?><br>
</span>session_set_save_handler()'s second parameter set to true means PHP will automatically call the methods open(), close(), read(), write(), destroy(), gc() in the registered handler. After inheriting SessionHandler, the default behavior is retained, and there is no need to rewrite all methods.
create_sid() only generates the session ID and does not involve session data storage logic.
The generated ID should be random and unique enough to avoid session ID conflicts.
After customizing the session ID, the old session ID format might be incompatible, so proceed cautiously when deploying to production.
Related Tags:
SessionHandler