+b. Changing php.ini
+
+ PHP defaults to look for php.ini (PHP's configuration file) in
+ /usr/local/lib. However, for security reasons, it is suggested
+ that the location of this file is changed to someplace else. This
+ can be done at configure time with the configuration directive
+ --with-config-file-path=PATH.
+
+ Edit the php.ini file and make sure session.use_cookies is 1. Also
+ be sure to change the session.save_path to someplace that can only
+ be read and written to by the webserver. session.save_path is the
+ location that PHP's session data will be written to.
+
+ SECURITY WARNING - If a user has access to write PHP scripts on your
+ system and knows the location where PHP stores session data, he
+ could get a listing of the sessions being used and then read a given
+ session's data with his own PHP script. Caution should be used when
+ setting up permissions and locations of php.ini and the session data.
+
+c. Setting up .php files to use PHP4