This is the init() method in my session class:

    public static function init() {
        $bSecure = true;
        $bHttpOnly = true;
        $cookieParams = session_get_cookie_params();
        setcookie(
            'sid',
            session_id(),
            $cookieParams['lifetime'],
            $cookieParams['path'],
            $cookieParams['domain'],
            $bSecure,
            $bHttpOnly
        );
        session_start();
        session_regenerate_id(true);
        if (!isset($_SESSION['valid_sess'])) {
            session_unset();
            session_destroy();
            session_start();
            session_regenerate_id(true);
        }
        $_SESSION['valid_sess'] = true;
    }

Is this secure? I have already obtained an SSL certificate.