Session Question

Anon

Creating a site using a session that is passed from page to page using the GET method. What I need to make sure is that the user can never come back to that page using that session ID once he has left the site.

As of now, if a user were to use the drop down address bar of the browser and see mysite.com?PHPSESID=asdfkja818234 or whatever and choose that as his link back into my page, it would screw everything up.

Is there a way for php to know that this session is expired becuase the site was left and auto issue a new id or simply redirect back to the index.php page?

Thanks!

[deleted]

"Is there a way for php to know that this session is expired becuase the site was left and auto issue a new id or simply redirect back to the index.php page"

No. HTTP is stateless.
Only the HTTP_REFERER field gives an indication of what the user was doing before he got to your site. You could chack that to see if the referer was a link on your site or not. But, HTTP_REFERER is not a mandatory field, not all browsers have to send it, and some browsers can disable it for privacy reasons.

If you scripts get messed up if someone enters an URL manually, then your design is wrong and you should rethink your methods.