krabello/session.php

## session.php
<?php

if (session_status() == PHP_SESSION_NONE) {

    // Prevents javascript XSS attacks aimed to steal the session ID
    ini_set('session.cookie_httponly', '1');

    // ** PREVENTING SESSION FIXATION **
    // Session ID cannot be passed through URLs
    ini_set('session.use_only_cookies', '1');

    // Uses a secure connection (HTTPS) if possible
    ini_set('session.cookie_secure', '1');

    // SameSite attribute to cookie to help mitigate Cross-Site Request Forgery
    ini_set('session.cookie_samesite', 'None');

    // session_regenerate_id(true);
    session_start();
}
	<?php

	if (session_status() == PHP_SESSION_NONE) {

	// Prevents javascript XSS attacks aimed to steal the session ID
	ini_set('session.cookie_httponly', '1');

	// PREVENTING SESSION FIXATION
	// Session ID cannot be passed through URLs
	ini_set('session.use_only_cookies', '1');

	// Uses a secure connection (HTTPS) if possible
	ini_set('session.cookie_secure', '1');

	// SameSite attribute to cookie to help mitigate Cross-Site Request Forgery
	ini_set('session.cookie_samesite', 'None');

	// session_regenerate_id(true);
	session_start();
	}