Marek Kilimajer wrote:
You are right, unset($_COOKIES) does not remove cookie from the client.
You need to unset() it so that your next call to session_start() does not use the same $_COOKIES[session_name()]. session_start will generate new session id if there is not one set in the request variables.
I see, thanks! I tried unsetting the cookies and request superglobals, but it still does not give a new session id.
unset($_COOKIES[session_name()]); unset($_REQUEST[session_name()]); session_destroy(); session_start(); session_write_close();
But this code *still* does not destroy the cookie on the client side. Are you doing that somewhere else?
http://php.net/manual/en/function.session-destroy.php http://php.net/manual/en/function.setcookie.php
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
