i've few questions about PHP sessions. hope to get the answers soon.
if i'll only use session with out creating any cookies. does the session automatically create cookies at client browser?
how to know the session id? is it created by the developer or each session created is referenced by an id?
if i'll destroy a session, before destroying do i've to delete the cookies also for which i never written code in my site? (as i need to create only one time log in may b once in a year like election. so i don't need to store user information at client.)
if my code will be
$_SESSION['user']='xxx'
, when 'yyy' logs in, does the$_SESSION['user']
gets replaced by 'yyy' as the session data is stored in server?how do i know, how many simultaneous users can my site handle? does this has anything to do with how i manage the sessions? or server traffic?
i read somewhere that sessions can also be hijacked. and hence suggested to store sessions in database instead of /tmp in server. how to store sessions in database? is there any specific process or we have to proceed like classical way, writing a query to insert when the session is created and deleting it when session is destroyed?
thanks in advance.