What are the security risks associated with URL-based session management in PHP?

Using URL-based session management in PHP can expose sensitive session data to potential security risks, such as session hijacking and session fixation attacks. To mitigate these risks, it is recommended to use cookie-based session management instead, as cookies are more secure and less susceptible to attacks.

// Set session cookie parameters
session_set_cookie_params([
    'lifetime' => 0,
    'path' => '/',
    'domain' => 'example.com',
    'secure' => true,
    'httponly' => true
]);

// Start the session
session_start();