douzhuan1467 2015-10-06 20:24

Is there a risk in publicly displaying the session ID?

I want to know: if someone knows my session ID from the HTML source, can they then hack my site?

For example, if I set a class in HTML like this: <div class="class<?php echo session_id(); ?>"></div>

Then the HTML source code (which can be viewed from the browser) will be <div class="class78345543545c344x"></div>

Is it a risk?

2 answers

  • doudianhuo1129 2015-10-06 20:33
    No matter what you store in a user's session, do not, I repeat, do not share the session ID with anyone other than the current user. Even though the session ID is stored in a cookie (if enabled) or passed by query parameter in each request, no person other than the current user should be aware of somebody else's session ID. Otherwise, identity phishing is wide open.

    As per one of your comments, you need a unique and random number until the session is finished; you could store it in the session:

    session_start();
    // Generate the identifier once and reuse it for the rest of the session.
    if (!isset($_SESSION['myUniqueId'])) {
        $_SESSION['myUniqueId'] = rand(0, 99999999);
    }
    
    This answer was selected by the asker as the best answer.
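
A hardened variant of the approach in the answer above, as an added example that is not part of the original post: the value printed into the markup comes from random_bytes() rather than session_id(), and the session cookie is flagged so the real ID stays out of URLs and page scripts. The names pageToken and renderMarker are hypothetical, HTTPS is assumed, and the array form of session_set_cookie_params() requires PHP 7.3 or later.

```php
<?php
// Added example; pageToken() and renderMarker() are hypothetical names.

// Keep the real session ID out of URLs and out of reach of page scripts.
ini_set('session.use_strict_mode', '1');   // reject IDs the server did not issue
ini_set('session.use_only_cookies', '1');  // never carry the ID in a query string
session_set_cookie_params([
    'httponly' => true,   // cookie is not readable through document.cookie
    'secure'   => true,   // assumption: the site is served over HTTPS
    'samesite' => 'Lax',
]);
session_start();

/**
 * Per-session value that is safe to print in markup. It is generated
 * independently of session_id(), so reading it in the HTML source
 * reveals nothing about the session cookie.
 */
function pageToken(): string
{
    if (!isset($_SESSION['pageToken'])) {
        // 16 bytes from the CSPRNG, hex-encoded so it is valid in a class name.
        $_SESSION['pageToken'] = bin2hex(random_bytes(16));
    }
    return $_SESSION['pageToken'];
}

/** Build the element from the question, using the token instead of the ID. */
function renderMarker(): string
{
    $class = 'class' . pageToken();
    return '<div class="' . htmlspecialchars($class, ENT_QUOTES, 'UTF-8') . '"></div>';
}

$html = renderMarker();

// Guard against regressions: the session ID must never reach the output.
if (strpos($html, session_id()) !== false) {
    throw new RuntimeException('session ID leaked into markup');
}

echo $html, PHP_EOL;
```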