What are some best practices for managing sessions in PHP to prevent data persistence issues?

When managing sessions in PHP, it is important to regenerate the session ID after a user logs in or performs any sensitive actions to prevent session fixation attacks. This ensures that the session ID is constantly changing and cannot be easily hijacked. Additionally, always validate and sanitize user input before storing it in the session to prevent data persistence issues.

// Regenerate session ID
session_regenerate_id(true);

// Validate and sanitize user input before storing in session
$_SESSION['username'] = filter_var($_POST['username'], FILTER_SANITIZE_STRING);