I am trying to create a more secure PHP sessions login script. Unfortunately for this project I will be working with shared hosting. Would using PHP's session_save_path()
function to change the path to something other than /tmp
be a secure solution? Or do I need to save the sessions in the database?
Thanks!