Securing PHP $_SESSION data?

I'm working on a project that requires sessions instead of cookies and I was wondering what a good way to secure them are? With cookies I would just do something like this:

$x = serialize(array('username', sha1('pwd')));
setcookie('cookie开发者_开发问答Name', $x, time()+60);
...
$myCookie = unserialize($_COOKIE['cookieName']));
echo $myCookie[0];

But I'm not quite sure how to go about it with sessions.

There's no need to serialize data in the session. It gets serialized for you.

Also I don't see what this has to do with security. The SHA1 hashing of the password in the cookie? You shouldn't send a password client-side at all! At least in the session that variable would only be stored server side (Sessions are stored in a server-side file by default)

Dont put important data into session or cookie. Save id or hashed ID both in the DB and the session then just do check in the database for correct data based on hash key. You can also use md5('username'); save it in the session and after that when you need the data just compare session username/Hash with md5('username'); of current user.

You can store serialzied data into session too. Also, if you want, you can store all session data into searilaized form in database and maintain a sesion ID:

$_SESSION['key']= serialize(array('username', sha1('pwd')));