Jump to content

The session id that won't die

jeff5656

By jeff5656
in PHP Coding Help

 Share

Recommended Posts

jeff5656 Advanced Member

jeff5656

Posted
Posted

This is weird.  I thought session_destroy erased your session id:

 

echo "session is ".session_id();
session_destroy();
echo "<br>session now is ".session_id();

 

When I run it i get:

session is mkqb0m49ktbtt1g34r6e67g012
session now is

 

But when I reload the page I get the same thing! 

session is mkqb0m49ktbtt1g34r6e67g012
session now is

 

If session_id was destroyed (it echoed blank to prove this) why does it get repopultaed with the same session id when I reload the browser?

 

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

Chances are your session is using cookies, you need to unset the session cookie. See the example 1 from the session_destroy man page.

 

$params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );

 

You call that and then the session_destroy function and this should wipe the slate clean. It may take a page reload for it to be completely removed as an FYI.

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

I would just use cookies.

 

Dude you should just stop now, you obviously have no clue how sessions work. So until you can take the time to understand them, stop acting like you know, which you obviously are ill-informed on how sessions work.

Link to comment
Share on other sites
GoneNowBye Member

GoneNowBye

Posted
Posted

in the code of those that have never tried / lack the inteligence to do it themselves.

 

^.^

 

maybe i should realise a much more robust library that can actually be used for on the fly authentication (when the user returns) rather then, "they have the session must be them" hmm

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

maybe i should realise a much more robust library that can actually be used for on the fly authentication (when the user returns) rather then, "they have the session must be them" hmm

 

Can you write that in English? Thanks!

Link to comment
Share on other sites
GoneNowBye Member

GoneNowBye

Posted
Posted

sorry that was a proof reading fail. and a "too many thoughts" fail

 

maybe i should POST a much more robust library (When compaired to the out-of-the box session functions) that can actually be used as a system for on the fly authentication (when the user returns) as oppossed to; "they have the session must be them" hmm

 

 

excuse the spellings

<--dyslexic, but still more intelligent then you :P

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.