Session_destroy, new session_id

Plectron

Hi,

I have an online shop with a session_destroy() on the last page.
The problem is that if a user returns to the first (index) page, without closing the browser, the session_id remains the same.
On the last script the session_id is no longer available, but as I return to the first page via a regular link, the script does'nt generate a new id. :-(

Is there a function to force php to generate a new id?

Thx for help
Plectron

bladx

Make sure that you put session_start(); before putting session_destroy(); Like this:

<?php

session_start();
session_destroy();

?>

Plectron

Originally posted by bladx
Make sure that you put session_start(); before putting session_destroy(); Like this:
<?php

session_start();
session_destroy();

?>
[/B]

I did that of course.
The session on the page where I use session_destroy() is going to be destroyed, which is correct and wanted. So, an echo of session_id() after destroy shows an empty session_id.
The Problem is that as soon as I return to the first page, the
session_start() which is used there generates the same id as before.

Thx anyway.
Plectron

bladx

It may be your browser ... what browser are you using?

Plectron

Originally posted by bladx
It may be your browser ... what browser are you using?

Iam using IE6. But actually I don't think its my browser.

Thx.
Plectron

Aeiri

I had this problem with my logout script. I used the variable "lin" (logged in) to detect it.

For my login.php:

session_start();
session_register("un");
session_register("pw");
session_register("lin");
$un=$info["un"];
$pw=$info["pw"];
$lin=true;

For my logout.php:

session_register("lin");
$lin=false;
session_destroy();

For my header file:

session_register("lin");
if($lin){
session_register("un");
session_register("pw");
}

Hope this helps you 😃

EDIT: I made it a little more understandable.

Plectron

Thanks for the help.
I guess this could work, but I try not use cookies.
Since session_register() sets a cookie this solution does not work for me. :-(

Thanks anyway.
Plectron

Originally posted by Aeiri
I had this problem with my logout script. I used the variable "lin" (logged in) to detect it.

For my login.php:
session_start();
session_register("un");
session_register("pw");
session_register("lin");
$un=$info["un"];
$pw=$info["pw"];
$lin=true;
For my logout.php:
session_register("lin");
$lin=false;
session_destroy();
For my header file:
session_register("lin");
if($lin){
session_register("un");
session_register("pw");
}
Hope this helps you 😃

EDIT: I made it a little more understandable. [/B]