Re: Session destroy/unset question - the same session_id is regenerated.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ken wrote:
After unsetting and destroying the session, the same sid is generated.

No session identifier is generated at this point. This generation only happens when there is no identifier presented by the client, or when you explicitly regenerate it using something like session_regenerate_id().


is this a normal behaviour?

Yes.

Are you sure you need a new session identifier?

i did this:

session_start()

//kill session variables
unset($_SESSION);
session_destroy();

I'd have to do some tests to find out, but you might want to set $_SESSION to attay() rather than just unset it, but these might have essentially the same behavior (e.g., memory is freed but not overwritten).


Hope that helps.

Chris

--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux