Hacking with PHP has been updated for PHP 7 - click here! >>

Answers to Chapter 10

  1. "If cookies are disabled on a visitor's machine, should you try using sessions" PHP can try to work around this problem by rewriting all the URLs, but it's very insecure: best just to ask your users to enable cookies.

  2. "Sessions are terminated when your visitor navigates away from your site: true or false" False: the session is only terminated when the browser is closed.

  3. "Because sessions are stored on your server, they are more secure: true or false" True.

  4. "You always need to call serialize() before storing an array in a session: true or false" False, but it's recommended anyway as it makes your intentions clear.

  5. "Which php.ini directive allows you to specify how long a session should be considered active" The answer is "f", session.gc_maxlifetime.

  6. "If you are using a custom session data handler, what should the session read function return if no data exists for the current session" An empty string.


If this was helpful, please take a moment to tell others about Hacking with PHP by tweeting about it!

Next chapter: Answers to Chapter 11 >>

Previous chapter: Answers to Chapter 9

Jump to:


Home: Table of Contents

Copyright ©2015 Paul Hudson. Follow me: @twostraws.