Use $context['session_var'] or sesc/sc for session verification?

[kovel]

The Understanding SMF Security wiki page tells me to use the name sesc (in the case of GET requests) or sc (in the case of POST requests) as the name of the request variable used for session checks. However, most SMF code seems to use a dynamic name, $context['session_var'] instead, and the checkSession() function treats sesc/sc as a fallback, but $context['session_var'] isn't documented in the wiki. Which one should I use as a mod author?

[live627]

sesc/sc are from the 1.1 days and are now obsolete. Any references still in 2.x are only for backward compatibility, and any new code should avoid those two.