You have the same session id, but there is no data in it, so what's the
problem? You should still consider the user logged out since the session is
empty, right?

If you really want, upon logout, make a new session id with session_id(),
md5() and uniqid().

---John Holmes...

----- Original Message ----- 
From: "Chris W. Parker" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, July 21, 2003 3:28 PM
Subject: [PHP] can't restart session


Hello,

PHP 4.2.2

I'm working on a cart program right now and I can't properly log the
user out. The only way I've been able to get a different session id is
by closing all browser windows and reloading the site.

Scenario:

I go the site I'm working on and click the login page. I have 'echo
session_id();' in the login page so I can see the session id. I fill in
my username and password and click "login". I'm then sent to a
processing page that actually fills in the session variable with some
data (i.e. username, session id, security level, etc.). I then redirect
back to the login page with header("Location: login.php");.

Now that I'm back at the login page I still see my session id (and as
expected it is the same). Then I click "logout" and am taken to a logout
page. The logout page is as follows:

<?
// start the customers session
session_start();

session_destroy();
setcookie("user_info","",(time()-3600),"/");
header("Location: {$_SERVER["HTTP_REFERER"]}");
exit;
?>

Here is another version of the same file that I've tried using:

<?
// start the customers session
session_start();

session_unset();
session_destroy();

header("Location: {$_SERVER["HTTP_REFERER"]}");
exit;
?>


As far as I have been able to find out (by surveying other people and
RTFM'ing) I'm doing it correctly, but for some it's just not working.

After I click logout I would expect to be sent back to the login page
and see a different session id displayed, but instead I'm presented with
the same session id. The only way I can get a different session id is by
closing all the browser windows and starting over.


Anyone have any ideas?


Thanks,
Chris.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to