While I was reading about session hijacking articles, i learned that it would be nice to encrypt session id value that is stored in a cookie.
As far as I know, when I start a session by calling session_start()
, PHP does not encrypt session id value in a cookie.
How do I encrypt session id value and then initialize session with it?