Jump to content


This topic is now archived and is closed to further replies.

Guest edwinsweep

Session Storage And Id Takeover

Recommended Posts

Guest edwinsweep
hi everybody.
im currently making a website with a forum.
i wanna be able to make a page that contains all the names from everybody that's online
atleast the one's that are logged in, they will have a name.
the rest will have GUEST or something.
but when somebody enters my site he's unlogged. (by standard)
so he shows up as GUEST status.
and when the person logs in, a new session is made with new info.
only the old one is still sitting there and counting in the amount of member that are online!
what should i do, is there a way do delete the old session from the temp session directory by writing some commands in the script itself?
something like the session_destroy command.
i tried the session_destroy thing. but it doesnt delete it from the session directory.
any idea's what will.
or should i include the ip addres into the session and check if its used 2x and delete the older session?
any advise or hints are appreciated.
thanks in advance

Share this post

Link to post
Share on other sites
Why not just update the current session the GUEST user is using? Rather than destorying the session and creating a new one? Someting like this:

if($_SESSION['logged_in'] != '1')
    $_SESSION['user'] = "GUEST";
    // reset session as a blank array:
    $_SESSION = array();

    //get user credentials

    // reset the session data
    $_SESSION['logged_in'] = '1';
    $_SESSION['user'] = $username;

Also session_destory clears the data in the session file and sets that session id as invalid. It does not delete the session. If you want the session files to be deleted automatically when they expire you'll want to look into Garbage Collection. Garbage collection is control by [i]session.gc_probability[/i] and [i]session.gc_divisor[/i]. Look these up over at [a href=\"http://www.php.net/session\" target=\"_blank\"]http://www.php.net/session[/a]. These settings can set using ini_set.

Share this post

Link to post
Share on other sites


Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.