pete M wrote: > here's the way I do it Depends on what you're going for exactly. Based on what the OP said I believe he'll also want to destroy the session cookie. If you want to completely destroy the session you need the extra step that I copied and pasted from the manual. :)
>
> logout.php
> <?php
> session_start();
> $_SESSION = array();
> session_destroy();
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time()-42000, '/');
}
> header('Location: login.php');
> ?>
>
>
> Jacques wrote:
>
>> I am developing an application. When the user signs in a Session ID is
>> created (for argument sake: 123). I have a sign out page that has the
>> script session_destroy() on it. This page directs me to the sign in
>> page. When I sign the same or any other user in again I get the same
>> session id (123).
>>
>> However, when I close the browser window and sign in again as any
>> member, the session id changes.
>>
>> How does this work and how can I ensure that a unique session id is
>> allocated to every new user that signs in?
>>
>> Jacques
--
Teach a man to fish...
NEW? | http://www.catb.org/~esr/faqs/smart-questions.html
STFA | http://marc.theaimsgroup.com/?l=php-general&w=2
STFM | http://www.php.net/manual/en/index.php
STFW | http://www.google.com/search?q=php
LAZY |
http://mycroft.mozdev.org/download.html?name=PHP&submitform=Find+search+plugins
signature.asc
Description: OpenPGP digital signature
