473,320 Members | 2,000 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Same SESSID after session_destroy

Mat
Hi,
I'm trying to renew a session by using session_destroy() before
starting a new session on the next page. Unfortunately, it seems that
I keep getting the same SESSID (using $_REQUEST["PHPSESSID"]) when the
session starts again. I made a test page to simplify the problem and
it still happens:

<?
session_start();
echo "SESSID = ".$_REQUEST["PHPSESSID"];
session_destroy();
?>

If I refresh this page, I would expect it to give me a new sessid each
time, but it doesn't. Is there something I'm not understanding here?
I also tried putting a couple of extras in like:

unset($_REQUEST["PHPSESSID"]);
session_unset();

Looking forward to hearing from someone!
Thanks,

Mat
Jul 17 '05 #1
2 3279
Mat wrote:
I'm trying to renew a session by using session_destroy() before
starting a new session on the next page. Unfortunately, it seems that
I keep getting the same SESSID (using $_REQUEST["PHPSESSID"]) when the
session starts again.
Yes, that happens. What do you need the session id for?
See below for how I check if a session is new.
I made a test page to simplify the problem and
it still happens:

<?
session_start();
echo "SESSID = ".$_REQUEST["PHPSESSID"];
session_destroy();
?>

If I refresh this page, I would expect it to give me a new sessid each
time, but it doesn't. Is there something I'm not understanding here?
I also tried putting a couple of extras in like:

unset($_REQUEST["PHPSESSID"]);
session_unset();

Looking forward to hearing from someone!


<?php
session_start();
if (!isset($_SESSION['counter'])) $_SESSION['counter'] = 0;

if ($_SESSION['counter'] == 0) {
/* NEW SESSION, probably same id */
echo "NEW SESSION<br/><br/>\n\n";
}

++$_SESSION['counter'];
echo 'session id: ', session_id(), "<br/>\n";
echo 'counter: ', $_SESSION['counter'], "<br/>\n";
if ($_SESSION['counter'] == 3) {
session_destroy();
session_unset();
echo "session destroy'd and unset'd.<br/>\n";
}
?>
--
USENET would be a better place if everybody read: : mail address :
http://www.catb.org/~esr/faqs/smart-questions.html : is valid for :
http://www.netmeister.org/news/learn2quote2.html : "text/plain" :
http://www.expita.com/nomime.html : to 10K bytes :
Jul 17 '05 #2
we*********@matthewmarlow.com (Mat) wrote in message news:<89**************************@posting.google. com>...
Hi,
I'm trying to renew a session by using session_destroy() before
starting a new session on the next page. Unfortunately, it seems that
I keep getting the same SESSID (using $_REQUEST["PHPSESSID"]) when the
session starts again.

<snip>

My knowledge is much theoretical and I guess few possibilities for
the cause:

1. session_destroy() destroys the session file on the server. But, it
doesn't remove the session cookie (which holds the session id) or
doesn't remove the trans sid
2. PHP's session is "permissive" which means you can send any session
id to the server and PHP will create a new session (file) if there is
no such session (with the session id that you pass)
3. So, though session_destroy() destroys the session file, the
current session id found in cookie is still passed to the server which
in turn generates the session with same session id. (Untested
suggession: try deleting the session cookie.)

HTH

--
| Just another PHP saint |
Email: rrjanbiah-at-Y!com
Jul 17 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
by: Ken | last post by:
I am curious how others solve this problem. After storing the data from sessions in the database. How do you handle the session data stored on the server and cookie on the users computer. I...
3
by: José Landoni | last post by:
Hi, I got a problem with session_destroy function I created a script but it wont work, it goes like this: <?php session_start(); session_unset(); session_destroy();...
3
by: Derek Fountain | last post by:
The documentation says session_destroy() "destroys all of the data associated with the current session". Um, like what? The docs further say that you should remove all information in the _SESSION...
3
by: Remon Huijts | last post by:
Hi, When I use php mail() in a script on my localhost to send an HTML message to an e-mailaccount on my online host, all is fine. When I use php mail() in a script on my online host to send an...
3
by: Coder Droid | last post by:
Without going into the details of my code: is it possible to have two different users logged in at the same time? I had one page where I found the username correctly set, and another where it...
18
by: Gleep | last post by:
I've searched google intensely on this topic and it seems noone really knows how to approch this. The goal I don't want clients to give out their usernames and passwords to friends, since the site...
7
by: Sharon | last post by:
Hi all, I've implemented a TCP server using the Socket async methods. When connecting to the server from 3 instances of hyper terminal, i've noticed that each of the newly created server sockets,...
28
by: SzH | last post by:
Suppose that there is a program that takes two files as its command line arguments. Is there a (cross platform) way to decide whether the two files are the same? Simple string comparison is not...
7
by: Jivanmukta | last post by:
Hello, I am learning PHP5. I have a website that consists of two pages: index.php and summary.php. In index.php the user is automatically moved to summary.php with some $_SESSION data so I use...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.