jeff5656 Posted August 22, 2010 Share Posted August 22, 2010 This is weird. I thought session_destroy erased your session id: echo "session is ".session_id(); session_destroy(); echo "<br>session now is ".session_id(); When I run it i get: session is mkqb0m49ktbtt1g34r6e67g012 session now is But when I reload the page I get the same thing! session is mkqb0m49ktbtt1g34r6e67g012 session now is If session_id was destroyed (it echoed blank to prove this) why does it get repopultaed with the same session id when I reload the browser? Quote Link to comment https://forums.phpfreaks.com/topic/211423-the-session-id-that-wont-die/ Share on other sites More sharing options...
freelance84 Posted August 22, 2010 Share Posted August 22, 2010 try unset first and then destroy unset($_SESSION['ID']); session_destroy(); Quote Link to comment https://forums.phpfreaks.com/topic/211423-the-session-id-that-wont-die/#findComment-1102347 Share on other sites More sharing options...
jeff5656 Posted August 22, 2010 Author Share Posted August 22, 2010 But it's not a $_SESSION['ID'], it's just session_id(); so there is nothing to unset. Doesn't destroy do everything that unset does, just at a global level? Quote Link to comment https://forums.phpfreaks.com/topic/211423-the-session-id-that-wont-die/#findComment-1102351 Share on other sites More sharing options...
freelance84 Posted August 22, 2010 Share Posted August 22, 2010 http://php.net/manual/en/function.session-destroy.php hmm, not sure then. the manual says it must be unset though Quote Link to comment https://forums.phpfreaks.com/topic/211423-the-session-id-that-wont-die/#findComment-1102352 Share on other sites More sharing options...
premiso Posted August 22, 2010 Share Posted August 22, 2010 Chances are your session is using cookies, you need to unset the session cookie. See the example 1 from the session_destroy man page. $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"] ); You call that and then the session_destroy function and this should wipe the slate clean. It may take a page reload for it to be completely removed as an FYI. Quote Link to comment https://forums.phpfreaks.com/topic/211423-the-session-id-that-wont-die/#findComment-1102424 Share on other sites More sharing options...
GoneNowBye Posted August 22, 2010 Share Posted August 22, 2010 I would just use cookies. Quote Link to comment https://forums.phpfreaks.com/topic/211423-the-session-id-that-wont-die/#findComment-1102426 Share on other sites More sharing options...
premiso Posted August 22, 2010 Share Posted August 22, 2010 I would just use cookies. Dude you should just stop now, you obviously have no clue how sessions work. So until you can take the time to understand them, stop acting like you know, which you obviously are ill-informed on how sessions work. Quote Link to comment https://forums.phpfreaks.com/topic/211423-the-session-id-that-wont-die/#findComment-1102427 Share on other sites More sharing options...
GoneNowBye Posted August 22, 2010 Share Posted August 22, 2010 in the code of those that have never tried / lack the inteligence to do it themselves. ^.^ maybe i should realise a much more robust library that can actually be used for on the fly authentication (when the user returns) rather then, "they have the session must be them" hmm Quote Link to comment https://forums.phpfreaks.com/topic/211423-the-session-id-that-wont-die/#findComment-1102428 Share on other sites More sharing options...
premiso Posted August 22, 2010 Share Posted August 22, 2010 maybe i should realise a much more robust library that can actually be used for on the fly authentication (when the user returns) rather then, "they have the session must be them" hmm Can you write that in English? Thanks! Quote Link to comment https://forums.phpfreaks.com/topic/211423-the-session-id-that-wont-die/#findComment-1102430 Share on other sites More sharing options...
GoneNowBye Posted August 22, 2010 Share Posted August 22, 2010 sorry that was a proof reading fail. and a "too many thoughts" fail maybe i should POST a much more robust library (When compaired to the out-of-the box session functions) that can actually be used as a system for on the fly authentication (when the user returns) as oppossed to; "they have the session must be them" hmm excuse the spellings <--dyslexic, but still more intelligent then you Quote Link to comment https://forums.phpfreaks.com/topic/211423-the-session-id-that-wont-die/#findComment-1102434 Share on other sites More sharing options...
premiso Posted August 22, 2010 Share Posted August 22, 2010 excuse the spellings <--dyslexic, but still more intelligent then you All I can do is laugh. Quote Link to comment https://forums.phpfreaks.com/topic/211423-the-session-id-that-wont-die/#findComment-1102439 Share on other sites More sharing options...
GoneNowBye Posted August 22, 2010 Share Posted August 22, 2010 simple jokes simple folks.... Quote Link to comment https://forums.phpfreaks.com/topic/211423-the-session-id-that-wont-die/#findComment-1102441 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.