[wp-hackers] Why WordPress killing Session ?

Andrew Nacin wp at andrewnacin.com
Tue Feb 12 18:50:58 UTC 2013

On Tue, Feb 12, 2013 at 9:48 AM, Sinan <sinan at sinanisler.com> wrote:

> So if we cant use basic sessions what we should use alternative  of it?
> What Wp functions is alternative sessions.

Nothing is stopping you from using sessions. As Otto writes, there are a
number of reasons why not to use sessions. WordPress has these reasons, and
others. WordPress, very simply, does not use them and has no need for them.

On Tue, Feb 12, 2013 at 1:39 PM, William Satterwhite <
whsatterwhite at gmail.com> wrote:

> Can someone supplement this thread with what WordPress utilizes in lieu of
> sessions? Maybe that could be used as an educational piece for the original
> poster and why they probably shouldn't use them.

WordPress does not leverage or rely on any server-side session management.
WordPress sets and reads its own set of authentication cookies. In
wp-includes/pluggable.php, see:
wp_validate_auth_cookie(), wp_generate_auth_cookie(),
wp_parse_auth_cookie(), wp_set_auth_cookie(), wp_clear_auth_cookie().


More information about the wp-hackers mailing list