By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
437,949 Members | 1,869 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 437,949 IT Pros & Developers. It's quick & easy.

session_start doesn't allocate a new id?

P: n/a
I'm having a funny problem. More than likely it's something simple
that I'm just not seeing, but ...I'm not seeing it!

I'm storing session data in a table, following the model in Lerdorf &
Tatroe. Everything seems to work fine until I (as 'the user') log
out.

The logout process purges the record from the sessions table and
deletes the session-id cookie. This works fine. I check afterward
and they are gone.

But the next time I come back in, though, I have a problem.
session_start() apparently doesn't allocate a new session id. The
new session record has a blank in the id field, and the session cookie
is allocated but id-less.

So either I don't really understand how session_start works, or I'm
inadvertently getting it confused, or....

Any ideas?

thanks,
Margaret
--
(To mail me, please change .not.invalid to .net, first.
Apologies for the inconvenience.)
Jul 17 '05 #1
Share this Question
Share on Google+
3 Replies


P: n/a
Margaret MacDonald wrote:
But the next time I come back in, though, I have a problem.
session_start() apparently doesn't allocate a new session id. The
new session record has a blank in the id field, and the session cookie
is allocated but id-less.


You are probably looking for session_regenerate_id(), which is available
from PHP v4.3.2 an up.

When you are working with a lower version of PHP, you could do something
like the following:

<?
session_start();
$id = session_id();
setcookie(session_name(), $id, time()-100, "/");
print $id;
?>

(See your php.ini file for the appropriate values for the session cookie
parameters or use either init_get() or session_get_cookie_params() to
retrieve them)
JW

Jul 17 '05 #2

P: n/a
Janwillem Borleffs wrote:
Margaret MacDonald wrote:
But the next time I come back in, though, I have a problem.
session_start() apparently doesn't allocate a new session id. The
new session record has a blank in the id field, and the session cookie
is allocated but id-less.


You are probably looking for session_regenerate_id(), which is available
from PHP v4.3.2 an up.

When you are working with a lower version of PHP, you could do something
like the following:

<?
session_start();
$id = session_id();
setcookie(session_name(), $id, time()-100, "/");
print $id;
?>

(See your php.ini file for the appropriate values for the session cookie
parameters or use either init_get() or session_get_cookie_params() to
retrieve them)
JW


Thanks for the suggestion, JW. I'd really like to know what's
confusing it, though.

It seems to be something to do with the browser--if I try to start a
new session without closing the browser, I get one without an id. If
I close the browser first, though, I get a proper session. It seems
to me that it should give me a proper session whether or not I close
the browser.

Perhaps I'll have to break down and upgrade from 4.3.0 :-(

Margaret
--
(To mail me, please change .not.invalid to .net, first.
Apologies for the inconvenience.)
Jul 17 '05 #3

P: n/a
Margaret MacDonald wrote:
It seems to be something to do with the browser--if I try to start a
new session without closing the browser, I get one without an id. If
I close the browser first, though, I get a proper session. It seems
to me that it should give me a proper session whether or not I close
the browser.

Perhaps I'll have to break down and upgrade from 4.3.0 :-(


No, you don't need to. The trick is that a session cookie with a reference
to a session on the server is created.

Without closing your browser, the session can be re-used whether you are
logged in or not. This is because your code decides which conditions the
session should meet to set the status on logged in or logged off. The
session id just points to a location on your server to store the session
data.
JW

Jul 17 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.