recalled sessions overlapping?

[garyed]

I have a site where quite a few numbers are entered in different fields. I can recall a saved session but if I recall a second session then some of the numbers of the first session will be entered into the second session. 

So I have to close my browser each time before I change sessions. Is there a simple way to avoid this without permanently deleting the sessions? I tried session_destroy() but it didn't work so I must not be using it correctly.  Here is the code I'm using to retrieve the stored session files:

<?php
session_destroy();
session_start();
$uname=$_POST['uname'];
$fname=$_POST['fname'];
if ($uname=="myname" && $fname=="")
{
echo "<BR>";
echo $date;
echo "<BR>";
$direc="./SESSION";
$files=scandir($direc);
$array_num= count($files);
?>
<html> <body>
<form name="file_log" method="post" action="">
<input name="fname" type="hidden" value="<?php echo $fname; ?>">
<select name="fname"> 
<?php
$x=1;
while ($x < $array_num)
{
?>
<option><?php echo $files[$x]; ?> </option>
<?php
$x++;
}

?> 
</select>

---Choose session file   <br><br><br><br>
<input name="uname" type="hidden" value="<?php echo $uname; ?>">
<input type="submit" value="Restore Session"> </form>

<?php

}
else
{
?>
<form name="login" method="post" action="">
Enter username: <input name="uname" type="text" value="<?php echo $uname; ?>"> <br>
<input type="submit" value="SUBMIT"> 

</form>
<?php

}
/* If a session file is chosen it restores the session & uses Javascript to take you back to the home page */
if ($uname=="myname" && $fname !="" )
{

$sessionfile = fopen("./SESSION/".$fname, "r");
session_decode(fgets($sessionfile) );
fclose($sessionfile);
echo " <script>";
echo "location.href='index.php'";
echo "</script> "; 


}

?>
</body> </html>

[QuickOldCar]

session_destroy is for use with the default session handler, what you are doing is saving data into a file.

 

If you want to remove your sessions file use unlink to delete that particular file

 

The problem with your system is when would it delete your custom session file, would need to create a cron job and check live sessions.

[garyed]

I don't want to delete the session file because I want the data saved for future use. I just want to be able to deactivate any live sessions from my browser so it does not conflict with a new previously saved session I might open up.  Just like when i close the browser, the session is no longer active when I open the browser back up.    

[QuickOldCar]

Check for the specific values from your saved session file, only if they don't exist use the built in session values and save.

 

As for them expiring, default sessions uses garbage collection.

If you want to simulate that you can run a cron job on the files or check the file modification date using filetime and expire it a time you decided on upon accessing them.

 

Another option is using a database and saving timestamps along with the users session data.

Edited October 7, 2015 by QuickOldCar

[ginerjm]

I agree with QOC - why bother with trying to do some hanky-panky with sessions (?) when a db is so simple and direct?

[garyed]

I guess I've got some learning to do because I don't know how to implement what you suggested. I'm surprised there's not just a simple command that would clear the session from the browser without having to close it.

[ginerjm]

Why did you think that using Session vars was the way to go.  If you have a 'set' of data, you store it in a table (one data item per field) and use some unique value for that set of data, ie, session, to be the index of the records in the table.  Then when you want to get the data for a particular "session" you query for the corresponding key/index.

[garyed]

I'm actually kind of learning as I go so I thought sessions would work for what I needed. The site is just a calculation program so I don't save any data that anyone enters into the form fields. I just didn't want people to lose their data until they closed their browser. I probably should have used cookies. The only sessions that get saved are ones I enter myself. Since I'm the only one who recalls any sessions we're not talking about saving a lot of different sessions.   

[garyed]

Well I found the answer to my problem that seems to work OK. All i did was put this code at the very beginning of my decoding file:

session_start();
session_unset();
session_destroy();
session_write_close();
session_start();

That clears away any sessions I had running so when I open a new one they don't conflict.  

I still like the idea of using a database but that's something I'll have to work on & learn. I already use some mysql databases for my site so it shouldn't be too hard to learn.   

Thanks for the ideas.