Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 664
  • Last Modified:

PHP Session id is not changing

I have one login page and when it ask for user id password ..after authentication i put here a validation of yes and no ..if you are authorized  than click yes or no ..but whenever i am clcking no the session id remain same ..which i dont want ..i need to change session id on pressing no.

Please help!

The default page opens is index.php.
Code pressing no
-------------------------
 
if ($_POST['button']=="NO" ) {
    $query="UPDATE `web_access_log`
            SET accept_conditions='0'
            WHERE ID={$_SESSION['DB_Key']}";
    $result= mysql_query($query)
            or die (mysql_error()."<br>\nSQL: $query");
    include ("logout.php");
 
Logout.php
----------------
 
if (!$db) $db = db_connect();
 
$query="UPDATE `web_access_log` 
        SET logout_time=NOW(),  session_timeout='0'
        WHERE ID={$_SESSION['DB_Key']}";
 
$result = mysql_query($query) 
          or die (mysql_error()."<br>\nSQL: $query");
 
unset($_SESSION['userid']);
unset($_SESSION['ip']);
unset($_SESSION['DB_Key']);
unset($_SESSION['accept']);
session_destroy();
header("Location: index.php");

Open in new window

0
prashantchauhan
Asked:
prashantchauhan
3 Solutions
 
Bivek-josCommented:
Hi
Have a look at:
http://www.php.net/session_regenerate_id
Hope this helps. :)

Thank you
0
 
LinuxNubbCommented:
You could also try to set your session variables to nothing:

$_SESSION['userid'] = '';

0
 
prashantchauhanAuthor Commented:
I am already using session_regenrate but still the problem same..

Please check the code below,...and suggest any changes required.
session_destroy();
session_regenerate_id();
 
unset($_SESSION['userid']);
unset($_SESSION['ip']);
unset($_SESSION['DB_Key']);
unset($_SESSION['accept']);
 
 
function UpdateSessID() {
    $old_sess_id = session_id();
    session_regenerate_id(false);
    $new_sess_id = session_id();
 
    $query = "UPDATE `session_table` SET `session_id` = '$new_sess_id' WHERE session_id = '$old_sess_id'";
        mysql_query($query);
}
 
 
session_destroy();

Open in new window

0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now