yehster wrote on Monday, April 08, 2013:
http://php.net/manual/en/function.session-set-cookie-params.php
For people running SSL on their servers, an additional security measure we can enforce is secure session cookies.
However, it’s not as simple as just calling this function, as we still want “new users” to be able to run without SSL while they are “test driving” things.