0, 'path' => '/', 'secure' => false, // set to true in production (HTTPS) 'httponly' => true, 'samesite' => 'Lax', ]); session_start(); } }