[PHP] Destroying the Session Object
How can I destroy the session object for a particular user when that user leaves my web site without properly signing out? Jacques -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Destroying the Session Object
I am developing an application. When the user signs in a Session ID is created (for argument sake: 123). I have a sign out page that has the script session_destroy() on it. This page directs me to the sign in page. When I sign the same or any other user in again I get the same session id (123). However, when I close the browser window and sign in again as any member, the session id changes. How does this work and how can I ensure that a unique session id is allocated to every new user that signs in? Jacques -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying the Session Object
I am developing an application. When the user signs in a Session ID is created (for argument sake: 123). I have a sign out page that has the script session_destroy() on it. This page directs me to the sign in page. When I sign the same or any other user in again I get the same session id (123). However, when I close the browser window and sign in again as any member, the session id changes. How does this work and how can I ensure that a unique session id is allocated to every new user that signs in? some good reading http://us2.php.net/session you could use http://us2.php.net/session_regenerate_id to create new ids -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Destroying a Session
Hi,
I am writing a shopping cart and am using a session called
$_SESSION[orderinfo] to store the order information. I also have a
function I use to clear the session when the payment has been authorized:
function clear_orderinfo() {
global $_SESSION;
unset($_SESSION[orderinfo]);
}
However this function doesnt seem to work and the session remains active, is
there another way to clear a session?
Thanks for your help
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a Session
On Wed, 2004-08-25 at 14:34, Shaun wrote:
I am writing a shopping cart and am using a session called
$_SESSION[orderinfo] to store the order information. I also have a
function I use to clear the session when the payment has been authorized:
function clear_orderinfo() {
global $_SESSION;
unset($_SESSION[orderinfo]);
}
However this function doesnt seem to work and the session remains active, is
there another way to clear a session?
You do have a session_start() somewhere, right? Also, $_SESSION, like
$_GET, $_POST et. al. are automatically global, you don't need to
specify global $_SESSION.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a Session
function clear_orderinfo() {
global $_SESSION;
unset($_SESSION[orderinfo]);
}
However this function doesnt seem to work and the session remains
active, is
there another way to clear a session?
I'm not triffically experienced, but I do have notes on the subject.
You're wanting to clear the whole session, right?
$_SESSION=array();
session_destroy();
For specific variables, try assigning FALSE to it
($_SESSION['name']=FALSE; or 'unset' works for versions =4.2.2. Otherwise
use session_unregister. For me under 4.1.2 I had to set to null.
HTH
J
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a Session
[EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
function clear_orderinfo() {
global $_SESSION;
unset($_SESSION[orderinfo]);
}
However this function doesnt seem to work and the session remains
active, is
there another way to clear a session?
I'm not triffically experienced, but I do have notes on the subject.
You're wanting to clear the whole session, right?
$_SESSION=array();
session_destroy();
For specific variables, try assigning FALSE to it
($_SESSION['name']=FALSE; or 'unset' works for versions =4.2.2. Otherwise
use session_unregister. For me under 4.1.2 I had to set to null.
HTH
J
Hi,
Thank you for your replies. I am using version 4.3.3 yet unset() doesn't
seem to work. To test this I have placed this line of code in my footer.php
file that appears at the bottom of every page:
echo 'load_orderinfo() = '.load_orderinfo();
Here is the load_orderinfo() function:
function load_orderinfo() {
global $_SESSION;
if (empty($_SESSION[orderinfo])) {
return false;
} else {
return $_SESSION[orderinfo];
}
}
Before the $_SESSION[orderinfo] is created the output in the footer reads:
load_orderinfo() =
When it has been created it reads:
load_orderinfo() = Object;
On the complete_order.php page where I call the clear_orderinfo() function
it goes back to:
load_orderinfo() =
but it on any subsequent page the output returns to:
load_orderinfo() = Object;
But after calling the clear_orderinfo() function surely the
$_SESSION[orderinfo] should have been destroyed. I hope this makes sense!
Thanks for your help
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a Session
Shaun [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
[EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
function clear_orderinfo() {
global $_SESSION;
unset($_SESSION[orderinfo]);
}
However this function doesnt seem to work and the session remains
active, is
there another way to clear a session?
I'm not triffically experienced, but I do have notes on the subject.
You're wanting to clear the whole session, right?
$_SESSION=array();
session_destroy();
For specific variables, try assigning FALSE to it
($_SESSION['name']=FALSE; or 'unset' works for versions =4.2.2.
Otherwise
use session_unregister. For me under 4.1.2 I had to set to null.
HTH
J
Hi,
Thank you for your replies. I am using version 4.3.3 yet unset() doesn't
seem to work. To test this I have placed this line of code in my
footer.php
file that appears at the bottom of every page:
echo 'load_orderinfo() = '.load_orderinfo();
Here is the load_orderinfo() function:
function load_orderinfo() {
global $_SESSION;
if (empty($_SESSION[orderinfo])) {
return false;
} else {
return $_SESSION[orderinfo];
}
}
Before the $_SESSION[orderinfo] is created the output in the footer
reads:
load_orderinfo() =
When it has been created it reads:
load_orderinfo() = Object;
On the complete_order.php page where I call the clear_orderinfo() function
it goes back to:
load_orderinfo() =
but it on any subsequent page the output returns to:
load_orderinfo() = Object;
But after calling the clear_orderinfo() function surely the
$_SESSION[orderinfo] should have been destroyed. I hope this makes
sense!
Thanks for your help
Hi,
remove the global $_SESSION; lines in your functions - they are uneccessary.
Have you tried resetting $_SESSION instead of unset()?:
$_SESSION = array();
Regards, Torsten Roehr
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a Session
On Wednesday 25 August 2004 12:27 pm, Shaun wrote:
[EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
function clear_orderinfo() {
global $_SESSION;
unset($_SESSION[orderinfo]);
}
However this function doesnt seem to work and the session remains
active, is
there another way to clear a session?
I'm not triffically experienced, but I do have notes on the subject.
You're wanting to clear the whole session, right?
$_SESSION=array();
session_destroy();
For specific variables, try assigning FALSE to it
($_SESSION['name']=FALSE; or 'unset' works for versions =4.2.2.
Otherwise use session_unregister. For me under 4.1.2 I had to set to
null.
HTH
J
Hi,
Thank you for your replies. I am using version 4.3.3 yet unset() doesn't
seem to work. To test this I have placed this line of code in my footer.php
file that appears at the bottom of every page:
echo 'load_orderinfo() = '.load_orderinfo();
Here is the load_orderinfo() function:
function load_orderinfo() {
global $_SESSION;
if (empty($_SESSION[orderinfo])) {
return false;
} else {
return $_SESSION[orderinfo];
}
}
Before the $_SESSION[orderinfo] is created the output in the footer
reads:
load_orderinfo() =
When it has been created it reads:
load_orderinfo() = Object;
On the complete_order.php page where I call the clear_orderinfo() function
it goes back to:
load_orderinfo() =
but it on any subsequent page the output returns to:
load_orderinfo() = Object;
But after calling the clear_orderinfo() function surely the
$_SESSION[orderinfo] should have been destroyed. I hope this makes sense!
Thanks for your help
Shaun,
For what its worth, I experienced probs with destroying sessions until I added
another page. On the page in question, I called the 'logout' function and
redirected to that page:
[logout.php]
?php session_start(); ob_start(); session_destroy();
header(location: http://your_site.back_to_page_that_is not_logged in.php);
?
Note that I used an absolute url -- it seems to make a difference. [Btw, I
note that you use double quotes for $_SESSION['orderinfo'] -- just wondering
. . . .
HTh,
Andre
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Destroying a session!!!
Hi all! I have seen a couple of discussions on the same topic, but even so I do not really know how to destroy sessions. I would like to achieve, that a second login after a logout generates a wholly new session, with a new session id. I have tried: session_unset(); session_destroy(); and after every logout and re-login I get the same session... What is the solution? Thanks and Best regards, Gabor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a session!!!
The cookie that stores the session id will live until the browser window is closed. You can apply a different lifetime to the cookie by using session_set_cookie_params() but I doubt that'll do what you want. Just use the session_id() function to change the session id manually when you register your variables. This is a good idea even if you're not using sessions for a secure login system. -Kevin - Original Message - From: Gabor Niederlaender [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, May 14, 2002 12:07 PM Subject: [PHP] Destroying a session!!! Hi all! I have seen a couple of discussions on the same topic, but even so I do not really know how to destroy sessions. I would like to achieve, that a second login after a logout generates a wholly new session, with a new session id. I have tried: session_unset(); session_destroy(); and after every logout and re-login I get the same session... What is the solution? Thanks and Best regards, Gabor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Destroying a session!!!
Gabor, after some searching I discovered some wonderful user comments in the session_destroy() page you might want to check out. You have to get dirty with cookies but it may be possible after all. :) http://www.php.net/manual/en/function.session-destroy.php -Kevin - Original Message - From: Kevin Stone [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, May 14, 2002 1:43 PM Subject: Re: [PHP] Destroying a session!!! The cookie that stores the session id will live until the browser window is closed. You can apply a different lifetime to the cookie by using session_set_cookie_params() but I doubt that'll do what you want. Just use the session_id() function to change the session id manually when you register your variables. This is a good idea even if you're not using sessions for a secure login system. -Kevin - Original Message - From: Gabor Niederlaender [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, May 14, 2002 12:07 PM Subject: [PHP] Destroying a session!!! Hi all! I have seen a couple of discussions on the same topic, but even so I do not really know how to destroy sessions. I would like to achieve, that a second login after a logout generates a wholly new session, with a new session id. I have tried: session_unset(); session_destroy(); and after every logout and re-login I get the same session... What is the solution? Thanks and Best regards, Gabor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
