How secure are PHP sessions?

Question

I\'m primarily a C++ programmer, but I\'m trying to pick up some PHP.

Apparently the way to implement web user sessions is to store the user\'s login ID in a cookie

Answer 1

Whatever answer you get on this topic you are most likely not going to be satisfied because there are so many different opinions on the topic. There are even entire books written about sessions and PHP security in general.

The best answer you can hope to get here is probably "sessions are as safe as you want them to be". More work and a larger number of precautions will obviously make them safer to use but the implementation itself will consume more time. As with everything you are the one to measure how much safe is safe enough for your needs.