I write this session helper class to use it inside my projects for managing the $_SESSION variables setup after an user login or logout. It's very simple and after some tests it seems to work smoothly and fine.

The class doesn't have a constructor, this because the needed parameters that are the username and the user id are passed directly to the setSession method.

The sessionCode method is instead only a code who is used to check if the user is logged in or not, this to limit the access to certain pages if needed.

<?php
namespace library;

class SessionHelper{

private $username;
private $id;
private $ip;

public function setSession(string $username,int $id){
    session_regenerate_id();
    $_SESSION['session_code'] = $this->sessionCode();
    $_SESSION['user_ip'] = $_SERVER['REMOTE_ADDR'];
    $_SESSION['user_id'] = $id;
    $_SESSION['username'] = $username;

    return true;
}

public function unsetSession(){
    session_unset();
    session_destroy();
    return true;
}

private function sessionCode(){
    $code = bin2hex(openssl_random_pseudo_bytes(8));
    return $code;
}

}

?>

Usage example:

<?php
require_once 'SessionHelper.php';

use library\SessionHelper as SessionHelper;

$session = new SessionHelper;

$session->setSession('user1', '4');

?>

I write this session helper class to use it inside my projects for managing the $_SESSION variables setup after an user login or logout. It's very simple and after some tests it seems to work smoothly and fine.

The class doesn't have a constructor, this because the needed parameters that are the username and the user id are passed directly to the setSession method.

The sessionCode method is instead only a code who is used to check if the user is logged in or not, this to limit the access to certain pages if needed.

<?php
namespace library;

class SessionHelper{

private $username;
private $id;
private $ip;

public function setSession(string $email,int $id){
    session_regenerate_id();
    $_SESSION['session_code'] = $this->sessionCode();
    $_SESSION['user_ip'] = $_SERVER['REMOTE_ADDR'];
    $_SESSION['user_id'] = $id;
    $_SESSION['username'] = $email;

    return true;
}

public function sessionStatus(){
    if(isset($_SESSION['session_code'])){
        if(hash_equals($_SESSION['session_code'], $this->sessionCode())){
          return true;
        } else {
          return false;
        }
    }    
}

public function unsetSession(){
    session_unset();
    session_destroy();
    return true;
}

private function sessionCode(){
    return hash('sha256', session_id());
}

}

?>

USAGE EXAMPLE AFTER A LOGIN SCRIPT:

<?php
require_once 'SessionHelper.php';

use library\SessionHelper as SessionHelper;

$session = new SessionHelper;

$session->setSession('user1', '4');

?>

USAGE ON RESTRICTED ACCESS PAGES

<?php
session_start(); 

require_once 'library/Autoloader.php';

use library\SessionHelper as SessionHelper;

$session = new SessionHelper;

if($session->sessionStatus() != true){
  header('Location: index');
  die();
}
?>

I write this session helper class to use it inside my projects for managing the $_SESSION variables setup after an user login or logout. It's very simple and after some tests it seems to work smoothly and fine. The class doesn't have a constructor, this because the needed parameters that are the username and the user id are passed directly to the setSession method. The sessionCode method is instead only a code who is used to check if the user is logged in or not, this to limit the access to certain pages if needed.

<?php
namespace library;

class SessionHelper{

private $username;
private $id;
private $ip;

public function setSession(string $username,int $id){
    session_regenerate_id();
    $_SESSION['session_code'] = $this->sessionCode();
    $_SESSION['user_ip'] = $_SERVER['REMOTE_ADDR'];
    $_SESSION['user_id'] = $id;
    $_SESSION['username'] = $username;

    return true;
}

public function unsetSession(){
    session_unset();
    session_destroy();
    return true;
}

private function sessionCode(){
    $code = bin2hex(openssl_random_pseudo_bytes(8));
    return $code;
}

}

?>

Usage example:

<?php
require_once 'SessionHelper.php';

use library\SessionHelper as SessionHelper;

$session = new SessionHelper;

$session->setSession('user1', '4');

?>

I write this session helper class to use it inside my projects for managing the $_SESSION variables setup after an user login or logout. It's very simple and after some tests it seems to work smoothly and fine. 

The class doesn't have a constructor, this because the needed parameters that are the username and the user id are passed directly to the setSession method. 

The sessionCode method is instead only a code who is used to check if the user is logged in or not, this to limit the access to certain pages if needed.

<?php
namespace library;

class SessionHelper{

private $username;
private $id;
private $ip;

public function setSession(string $username,int $id){
    session_regenerate_id();
    $_SESSION['session_code'] = $this->sessionCode();
    $_SESSION['user_ip'] = $_SERVER['REMOTE_ADDR'];
    $_SESSION['user_id'] = $id;
    $_SESSION['username'] = $username;

    return true;
}

public function unsetSession(){
    session_unset();
    session_destroy();
    return true;
}

private function sessionCode(){
    $code = bin2hex(openssl_random_pseudo_bytes(8));
    return $code;
}

}

?>

Usage example:

<?php
require_once 'SessionHelper.php';

use library\SessionHelper as SessionHelper;

$session = new SessionHelper;

$session->setSession('user1', '4');

?>