On 6/10/06, Ryan A <genphp@xxxxxxxxx> wrote:
Hi,
I am working on a very simple script, basically adding
features to an older script, I'll write down the main
parts:
<?php
ini_set('session.name', 'COSTREAM_SESSION');
session_start();
## authenticate user code comes here
## log the user
my_log("login",$user,$_REQUEST['COSTREAM_SESSION']);
?>
and for logout.php I have:
-----
ini_set('session.name', 'COSTREAM_SESSION');
session_start();
unset($_SESSION['user']);
session_destroy();
-- redirect user comes here
-----
but when I check the DB the session id is always the
same hash, I should be getting new hashes everytime I
login right? I am running the logout script before
logging in again...why is it always giving me the same
hash?
If you're logging straight back in after logging out, maybe not - the
browser might remember the old session. If you log out, close the
browser then go to the login page you should get a new id. If you want
to guarantee a new id, use http://php.net/session_regenerate_id
--
Postgresql & php tutorials
http://www.designmagick.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
