Most users find that PHP's built-in sessions are more than enough to handle what they need. But there are times when you need a little bit more "bang for your buck", and this new piece from DotGeek.org can help.
Advanced Database Sessions covers "the truth" about PHP sessions, how to improve upon them, and the actual code to back it up. The authors state that, although the default PHP sessions are easier to use, they should not be a part of any site. One of the major flaws? The session files are stored in /tmp, where anyone can get to them (though the location can be changed). Their solution? Use a MySQL MyISAM table to avoid race conditions as well as session hijacking.
The code they give helps you store these sessions (identified by random garbage stored in a cookie), along with IP checking to help ensure that the session is not stolen.
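An added example of the approach summarized above (random token in a cookie, session row in a database, IP check on every load); it is not DotGeek's code. The class name `DbSessionStore`, the table layout and the sample addresses are assumptions, and in-memory SQLite via PDO stands in for the MySQL table so the script runs offline (PHP 8+ with pdo_sqlite).

```php
<?php
// Added example: database-backed sessions with an IP check.
// DbSessionStore and the table layout are hypothetical, not the article's code.
final class DbSessionStore
{
    public function __construct(private PDO $db)
    {
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $db->exec('CREATE TABLE IF NOT EXISTS sessions (
            id CHAR(64) PRIMARY KEY, ip VARCHAR(45) NOT NULL,
            data TEXT NOT NULL, expires INTEGER NOT NULL)');
    }

    // Issue a session: 256 bits from the CSPRNG become the cookie value.
    public function create(string $ip, array $data, int $ttl = 1800): string
    {
        $token = bin2hex(random_bytes(32));
        $this->db->prepare('INSERT INTO sessions VALUES (?, ?, ?, ?)')
            ->execute([$token, $ip, json_encode($data), time() + $ttl]);
        return $token;
    }

    // Return the data only if the token exists, is unexpired and arrives
    // from the address it was issued to; otherwise destroy the session.
    public function load(string $token, string $ip): ?array
    {
        $q = $this->db->prepare('SELECT ip, data, expires FROM sessions WHERE id = ?');
        $q->execute([$token]);
        $row = $q->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            return null; // unknown token
        }
        if (!hash_equals($row['ip'], $ip) || (int) $row['expires'] < time()) {
            $this->db->prepare('DELETE FROM sessions WHERE id = ?')->execute([$token]);
            return null; // wrong address or expired
        }
        return json_decode($row['data'], true);
    }
}

// Constructed sample values (documentation address ranges).
$store = new DbSessionStore(new PDO('sqlite::memory:'));
$token = $store->create('203.0.113.10', ['user' => 'alice']);
var_dump($store->load($token, '203.0.113.10')); // same client address
var_dump($store->load($token, '198.51.100.7')); // token replayed from another address
var_dump($store->load($token, '203.0.113.10')); // original client, after the replay
```

IP binding ends the session for users whose address changes mid-session (mobile networks, proxy pools) and cannot tell apart clients behind the same NAT, so treat it as one signal rather than the only defence.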




