I am working on a site where I need to generate an authentication key that will be stored in both a session variable and a cookie. I generate this key using the following.
$auth_key = sha1(microtime() . rand(10000, 99999 ));
I then go on to store this value in a cookie and session variable like this…
setcookie(‘auth_key’, $auth_key, $expiration);
$_SESSION[‘auth_key’] = $auth_key;
The problem is that $auth_key generates a different value for the cookie and the session variable.
Is there any way to turn the $auth_key (ie: random and microtime values) in to variable that does not change?
In other words can PHP store a random variable in an unchanging variable?
Any help would be much appreciated.