Code Room
Code reviewHard
Question
Review this PHP session-token generator.
What a strong answer looks like
Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.
Learn the concepts
<?phpfunction create_session($user_id) { // build a session token $token = md5($user_id . time()); $expires = time() + 60 * 60 * 24 * 365; // 1 year $db->query("INSERT INTO sessions (token, user_id, expires) VALUES ('$token', $user_id, $expires)"); setcookie('sid', $token, $expires); return $token;}Run or narrate your approach, then ask the coach.