What are session_id, session_regenerate_id and session_name used for?

Question

ok im a newbie on sessions lets imagine that we have a little login site,

heres a logic

1. login
2. if password right = use $_SESSION[isaloginuser] = 1
3. check session to see menus with if $_SESSION[isaloginuser] = 1
4. show the menus
5. the user want to logoff
6. unset session
7. destroy session system

what it use

session_register
session_destroy
session_unset
session_start

where does the session_id & the session_regenerate or session_name goes in ? at php site it says

session_id() is used to get or set the session id for the current session.

i still just dont get it, why do we need them anyway ? in real environment what does it do ?

Answer 1

No, you don’t need to use them. In general all you need is

• session_start to start the session handling, and
• session_destroy to destroy the stored session data (this does not modify $_SESSION), and
• session_unset to reset the $_SESSION variable (but you can also do $_SESSION = array()).

session_id and session_name are to get and set the current session ID and session ID name (default is PHPSESSID). session_regenerate_id can be used to regenerate/change the session ID of the current session. This might be useful if, for example, you want to refresh the session ID every 10 minutes or after changing the state of authenticity of a user associated with a session.