I've noticed a 'feature' that seems to be causing me some pain. When a user logs in, we store various pieces of info and their user class in a $_SESSION variables.
This includes a flag saying that they've ben authenticated. I would expect that if I 'rm -rf /tmp/sess_*' that the user would get prompted to re-login (since the flag is not set). However what actually happens, is that PHP silently just re-creates the session with a new unique identifier but with all the same data in it. GRRR. How can I force this to NOT happen (either via php.ini or via some function or directive call in each page load)? ÐÆ5ÏÐ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
