"If cookies are disabled on a visitor's machine, should you try using sessions" PHP can try to work around this problem by rewriting all the URLs, but it's very insecure: best just to ask your users to enable cookies.
"Sessions are terminated when your visitor navigates away from your site: true or false" False: the session is only terminated when the browser is closed.
"Because sessions are stored on your server, they are more secure: true or false" True.
"You always need to call serialize() before storing an array in a session: true or false" False, but it's recommended anyway as it makes your intentions clear.
"Which php.ini directive allows you to specify how long a session should be considered active" The answer is "f", session.gc_maxlifetime.
"If you are using a custom session data handler, what should the session read function return if no data exists for the current session" An empty string.
If this was helpful, please take a moment to tell others about Hacking with PHP by tweeting about it!
Next chapter: Answers to Chapter 11 >>
Previous chapter: Answers to Chapter 9
Home: Table of Contents
Copyright ©2015 Paul Hudson. Follow me: @twostraws.