> Sorry all, > > I have to bump this up.I am seriously getting desperate and NEED help in > killing a session entirely once the order has been placed. > > Everything I try fails. > > Problem again is that when I close the browser and return to the site.my > cart shows an order as it pertains to my previous order selection. If I > refresh the page.. the information is gone. > > ANY ideas? > > > Thanks a ton. > > Aaron > > -----Original Message----- > From: Aaron Wolski [mailto:aaronjw@martekbiz.com] > Sent: May 6, 2003 9:03 AM > To: 'php-db@lists.php.net' > Subject: expiring sessions between 2 domains..help :( > > Hi All, > > Ok.. here's the scoop! > > Background: > > Client owns one ecommerce site. We're building another ecommerce site > with different products/theme. > > To save on costs.. client wants to use his SSL server of the first > Ecommerce site for this new site. > > Problem: > > Initially wanted to use cookies to store the session variable which > holds shopping cart contents. Can't do that because of the different > domains ( <http://www.newsite.com> http://www.newsite.com AND > <https://oldsite.com> https://oldsite.com). > > Went to sessions and passed the PHPSESSID to the secure area to transfer > customer data. > > This works fine until the transaction is complete and we pass the > visitor back to the non-secure site...session is still active UNTIL a > page refresh is done by the visitor. > > Even more of a problem is when I close down ALL windows.. hell even if I > reboot the client computer and go back to the site the session is still > active UNTIL a manual refresh of the page is done. > > > Can anyone help me in how I do a full proof method of expiring sessions > and session data once I have finalized the order? > > > Thanks all. > > Any help is appreciated! > > Regards, > > Aaron > Hi, do you use the php functions to destroy a session, like session_destroy() ? session_destroy() destroys all data registered to a session. It doesn't destroy the session itself but all data. There are several ways to securely destroy a session. Look at the comments on the session_destroy manual page of php http://www.php.net/manual/en/function.session-destroy.php. There are several posts of people describing how they are destroying/expiring their session. I think one of the hints should do the thing for you. Regards, Thomas =============================================== Thomas Sinka mobil: +49 163 3 23 12 72 mailto: thomas.sinka@it-choice.de IT-Choice Software AG Kaiserstraße 160-162, 76133 Karlsruhe, Germany Tel.: +49(0)721-85 006-0, Fax: +49(0)721-85 006-77 www.it-choice.de, info@it-choice.de Amtsgericht Karlsruhe, HRB 9060 USt-Id Nr.: DE 812 950 635 Vorstand: Mirko Ketterer (Vorsitzender), Stephanie Lehmann, Dirk Ludwig Aufsichtsratsvorsitzender: Horst Gann -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
