1.2.1357. Use session_start() Options¶
It is possible to set the session’s option at session_start() call, skipping the usage of session_option().
This way, session’s options are set in one call, saving several hits.
This is available since PHP 7.0. It is recommended to set those values in the php.ini file, whenever possible.
<?php
// PHP 7.0
session_start(['session.name' => 'mySession',
'session.cookie_httponly' => 1,
'session.gc_maxlifetime' => 60 * 60);
// PHP 5.6- old way
ini_set ('session.name', 'mySession');
ini_set("session.cookie_httponly", 1);
ini_set('session.gc_maxlifetime', 60 * 60);
session_start();
?>
1.2.1357.1. Suggestions¶
Use session_start() with array arguments
1.2.1357.2. Specs¶
Short name |
Php/UseSessionStartOptions |
Rulesets |
|
Exakat since |
0.11.8 |
PHP Version |
With PHP 7.0 and more recent |
Severity |
|
Time To Fix |
|
Precision |
Very high |
Features |
session |
Examples |
|
Available in |