destroy session id and get new

[vineet]

hi all

i m using

Code:

$unique_id = session_id();

to get new unique id for my records in database. Everytime i close the whole browser and open new browser i get a new unique_id.

I am not able to destroy the old unique id on logout and closing browser tab and get new unique id when opening new browser tab.
If i have to get a new unique id i have to close all tabs of the browser or say whole browser and open the site again in new browser.

I have session_start(); in my config file that is included on all pages.

This is my logout script

Code:

<? require_once("config.php");
$unique_id = session_id(); 
$qry="delete from cart_table where unique_id='$unique_id'";
mysql_query($qry);
$_SESSION = array(); 
session_unset();
session_destroy();
header("Location:index.php"); 
?>

vineet

[JasonDFR]

Code:

function logout() {

	$_SESSION = array();

	if (isset($_COOKIE[session_name()])) {
		setcookie(session_name(), '', time()-42000, '/');
	}

	session_unset();
	session_destroy();

}

You can use the above as a function, or just add the "if (isset($_COOKIE ..." part to what you already have.

Hope this helps.

Good luck!

J

[vineet]

Code:

function logout() {

	$_SESSION = array();

	if (isset($_COOKIE[session_name()])) {
		setcookie(session_name(), '', time()-42000, '/');
	}

	session_unset();
	session_destroy();

}

You can use the above as a function, or just add the "if (isset($_COOKIE ..." part to what you already have.

Hope this helps.

Good luck!

J

hi jason

i would like to know that if i m not using cookies then is it important to add
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time()-42000, '/');

this code has relation with only cookies or this has relation with sessions also.

vineet

[JasonDFR]

When you use sessions, a cookie is placed on the user's computer to hold the session ID. This is how your website identifies the user while the session is open.

You can destroy the session on the server, but the cookie with the session id will remain on the user's computer. So you need to get rid of this cookie too to get rid of the session id.

Try what I posted and let me know if it works.

Good Luck!

Jason

[vineet]

When you use sessions, a cookie is placed on the user's computer to hold the session ID. This is how your website identifies the user while the session is open.

You can destroy the session on the server, but the cookie with the session id will remain on the user's computer. So you need to get rid of this cookie too to get rid of the session id.

Try what I posted and let me know if it works.

Good Luck!

Jason

hi jason

thanks. it worked great and deleted all sessions.

just one thing to ask what does this means. is this means 42 seconds.

Code:

time()-42000

Is it possible to destroy the session or call this logout script when we close the browser tab. if i close whole browser then the session get deleted automatically but when i close the "browser tab" then i dont get new session id.

vineet

[JasonDFR]

The 42000 is in seconds. it is negative, so it is taking the current time ( time() ) and setting the cookie for 42000 seconds in the past. This causes the cookie to expire immediately because the cookie expiration time is set to a time in the past.

I don't know how to make the cookie get deleted and the user log out without the user doing something (like clicking the log out link).

Perhaps you should use a different method of generating a unique id for your shopping cart table?

I'll think about this problem and try to post a solution. This is a very good project to help us learn!

J