SID

Anon

I' d like to know if it colud happen this thing:

A user access to a website www.somesite.com
I'm storing in a dtb the session_id associated at that access associating that id to the user entries in the dtb.(thanks to his registering or logging).

The problem comes when the user could exit the website without logging out: so i will not able to erase from the dtb the temporay session_id associated at the entry of that user in the database.

Is it possible , making this, another user accessing the website will obtain the same id so writing it into the dtb i'll have a duplicate entry?

thanks

[deleted]

Theoretically yes, but the session_id is such a large random number that the chances are slim at best.

Anyway, a session is a one-off thing.
If a user doesn't come back to your site within an hour or so, you can safely delete the session information, because when the user comes back to your site, he will get a new session_id from PHP.