Use this function in place of session_start().
To protect against session attacks