[PHP] Destroying the Session Object
How can I destroy the session object for a particular user when that user leaves my web site without properly signing out? Jacques -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Destroying the Session Object
I am developing an application. When the user signs in a Session ID is created (for argument sake: 123). I have a sign out page that has the script session_destroy() on it. This page directs me to the sign in page. When I sign the same or any other user in again I get the same session id (123). However, when I close the browser window and sign in again as any member, the session id changes. How does this work and how can I ensure that a unique session id is allocated to every new user that signs in? Jacques -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying the Session Object
I am developing an application. When the user signs in a Session ID is created (for argument sake: 123). I have a sign out page that has the script session_destroy() on it. This page directs me to the sign in page. When I sign the same or any other user in again I get the same session id (123). However, when I close the browser window and sign in again as any member, the session id changes. How does this work and how can I ensure that a unique session id is allocated to every new user that signs in? some good reading http://us2.php.net/session you could use http://us2.php.net/session_regenerate_id to create new ids -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Destroying a Session
Hi, I am writing a shopping cart and am using a session called $_SESSION[orderinfo] to store the order information. I also have a function I use to clear the session when the payment has been authorized: function clear_orderinfo() { global $_SESSION; unset($_SESSION[orderinfo]); } However this function doesnt seem to work and the session remains active, is there another way to clear a session? Thanks for your help -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a Session
On Wed, 2004-08-25 at 14:34, Shaun wrote: I am writing a shopping cart and am using a session called $_SESSION[orderinfo] to store the order information. I also have a function I use to clear the session when the payment has been authorized: function clear_orderinfo() { global $_SESSION; unset($_SESSION[orderinfo]); } However this function doesnt seem to work and the session remains active, is there another way to clear a session? You do have a session_start() somewhere, right? Also, $_SESSION, like $_GET, $_POST et. al. are automatically global, you don't need to specify global $_SESSION. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a Session
function clear_orderinfo() { global $_SESSION; unset($_SESSION[orderinfo]); } However this function doesnt seem to work and the session remains active, is there another way to clear a session? I'm not triffically experienced, but I do have notes on the subject. You're wanting to clear the whole session, right? $_SESSION=array(); session_destroy(); For specific variables, try assigning FALSE to it ($_SESSION['name']=FALSE; or 'unset' works for versions =4.2.2. Otherwise use session_unregister. For me under 4.1.2 I had to set to null. HTH J -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a Session
[EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] function clear_orderinfo() { global $_SESSION; unset($_SESSION[orderinfo]); } However this function doesnt seem to work and the session remains active, is there another way to clear a session? I'm not triffically experienced, but I do have notes on the subject. You're wanting to clear the whole session, right? $_SESSION=array(); session_destroy(); For specific variables, try assigning FALSE to it ($_SESSION['name']=FALSE; or 'unset' works for versions =4.2.2. Otherwise use session_unregister. For me under 4.1.2 I had to set to null. HTH J Hi, Thank you for your replies. I am using version 4.3.3 yet unset() doesn't seem to work. To test this I have placed this line of code in my footer.php file that appears at the bottom of every page: echo 'load_orderinfo() = '.load_orderinfo(); Here is the load_orderinfo() function: function load_orderinfo() { global $_SESSION; if (empty($_SESSION[orderinfo])) { return false; } else { return $_SESSION[orderinfo]; } } Before the $_SESSION[orderinfo] is created the output in the footer reads: load_orderinfo() = When it has been created it reads: load_orderinfo() = Object; On the complete_order.php page where I call the clear_orderinfo() function it goes back to: load_orderinfo() = but it on any subsequent page the output returns to: load_orderinfo() = Object; But after calling the clear_orderinfo() function surely the $_SESSION[orderinfo] should have been destroyed. I hope this makes sense! Thanks for your help -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a Session
Shaun [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] function clear_orderinfo() { global $_SESSION; unset($_SESSION[orderinfo]); } However this function doesnt seem to work and the session remains active, is there another way to clear a session? I'm not triffically experienced, but I do have notes on the subject. You're wanting to clear the whole session, right? $_SESSION=array(); session_destroy(); For specific variables, try assigning FALSE to it ($_SESSION['name']=FALSE; or 'unset' works for versions =4.2.2. Otherwise use session_unregister. For me under 4.1.2 I had to set to null. HTH J Hi, Thank you for your replies. I am using version 4.3.3 yet unset() doesn't seem to work. To test this I have placed this line of code in my footer.php file that appears at the bottom of every page: echo 'load_orderinfo() = '.load_orderinfo(); Here is the load_orderinfo() function: function load_orderinfo() { global $_SESSION; if (empty($_SESSION[orderinfo])) { return false; } else { return $_SESSION[orderinfo]; } } Before the $_SESSION[orderinfo] is created the output in the footer reads: load_orderinfo() = When it has been created it reads: load_orderinfo() = Object; On the complete_order.php page where I call the clear_orderinfo() function it goes back to: load_orderinfo() = but it on any subsequent page the output returns to: load_orderinfo() = Object; But after calling the clear_orderinfo() function surely the $_SESSION[orderinfo] should have been destroyed. I hope this makes sense! Thanks for your help Hi, remove the global $_SESSION; lines in your functions - they are uneccessary. Have you tried resetting $_SESSION instead of unset()?: $_SESSION = array(); Regards, Torsten Roehr -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a Session
On Wednesday 25 August 2004 12:27 pm, Shaun wrote: [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] function clear_orderinfo() { global $_SESSION; unset($_SESSION[orderinfo]); } However this function doesnt seem to work and the session remains active, is there another way to clear a session? I'm not triffically experienced, but I do have notes on the subject. You're wanting to clear the whole session, right? $_SESSION=array(); session_destroy(); For specific variables, try assigning FALSE to it ($_SESSION['name']=FALSE; or 'unset' works for versions =4.2.2. Otherwise use session_unregister. For me under 4.1.2 I had to set to null. HTH J Hi, Thank you for your replies. I am using version 4.3.3 yet unset() doesn't seem to work. To test this I have placed this line of code in my footer.php file that appears at the bottom of every page: echo 'load_orderinfo() = '.load_orderinfo(); Here is the load_orderinfo() function: function load_orderinfo() { global $_SESSION; if (empty($_SESSION[orderinfo])) { return false; } else { return $_SESSION[orderinfo]; } } Before the $_SESSION[orderinfo] is created the output in the footer reads: load_orderinfo() = When it has been created it reads: load_orderinfo() = Object; On the complete_order.php page where I call the clear_orderinfo() function it goes back to: load_orderinfo() = but it on any subsequent page the output returns to: load_orderinfo() = Object; But after calling the clear_orderinfo() function surely the $_SESSION[orderinfo] should have been destroyed. I hope this makes sense! Thanks for your help Shaun, For what its worth, I experienced probs with destroying sessions until I added another page. On the page in question, I called the 'logout' function and redirected to that page: [logout.php] ?php session_start(); ob_start(); session_destroy(); header(location: http://your_site.back_to_page_that_is not_logged in.php); ? Note that I used an absolute url -- it seems to make a difference. [Btw, I note that you use double quotes for $_SESSION['orderinfo'] -- just wondering . . . . HTh, Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Destroying a session!!!
Hi all! I have seen a couple of discussions on the same topic, but even so I do not really know how to destroy sessions. I would like to achieve, that a second login after a logout generates a wholly new session, with a new session id. I have tried: session_unset(); session_destroy(); and after every logout and re-login I get the same session... What is the solution? Thanks and Best regards, Gabor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a session!!!
The cookie that stores the session id will live until the browser window is closed. You can apply a different lifetime to the cookie by using session_set_cookie_params() but I doubt that'll do what you want. Just use the session_id() function to change the session id manually when you register your variables. This is a good idea even if you're not using sessions for a secure login system. -Kevin - Original Message - From: Gabor Niederlaender [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, May 14, 2002 12:07 PM Subject: [PHP] Destroying a session!!! Hi all! I have seen a couple of discussions on the same topic, but even so I do not really know how to destroy sessions. I would like to achieve, that a second login after a logout generates a wholly new session, with a new session id. I have tried: session_unset(); session_destroy(); and after every logout and re-login I get the same session... What is the solution? Thanks and Best regards, Gabor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a session!!!
Gabor, after some searching I discovered some wonderful user comments in the session_destroy() page you might want to check out. You have to get dirty with cookies but it may be possible after all. :) http://www.php.net/manual/en/function.session-destroy.php -Kevin - Original Message - From: Kevin Stone [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, May 14, 2002 1:43 PM Subject: Re: [PHP] Destroying a session!!! The cookie that stores the session id will live until the browser window is closed. You can apply a different lifetime to the cookie by using session_set_cookie_params() but I doubt that'll do what you want. Just use the session_id() function to change the session id manually when you register your variables. This is a good idea even if you're not using sessions for a secure login system. -Kevin - Original Message - From: Gabor Niederlaender [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, May 14, 2002 12:07 PM Subject: [PHP] Destroying a session!!! Hi all! I have seen a couple of discussions on the same topic, but even so I do not really know how to destroy sessions. I would like to achieve, that a second login after a logout generates a wholly new session, with a new session id. I have tried: session_unset(); session_destroy(); and after every logout and re-login I get the same session... What is the solution? Thanks and Best regards, Gabor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php