Solved

PHP Session id is not changing

Posted on 2009-04-10
3
652 Views
Last Modified: 2013-12-14
I have one login page and when it ask for user id password ..after authentication i put here a validation of yes and no ..if you are authorized  than click yes or no ..but whenever i am clcking no the session id remain same ..which i dont want ..i need to change session id on pressing no.

Please help!

The default page opens is index.php.
Code pressing no
-------------------------
 
if ($_POST['button']=="NO" ) {
    $query="UPDATE `web_access_log`
            SET accept_conditions='0'
            WHERE ID={$_SESSION['DB_Key']}";
    $result= mysql_query($query)
            or die (mysql_error()."<br>\nSQL: $query");
    include ("logout.php");
 
Logout.php
----------------
 
if (!$db) $db = db_connect();
 
$query="UPDATE `web_access_log` 
        SET logout_time=NOW(),  session_timeout='0'
        WHERE ID={$_SESSION['DB_Key']}";
 
$result = mysql_query($query) 
          or die (mysql_error()."<br>\nSQL: $query");
 
unset($_SESSION['userid']);
unset($_SESSION['ip']);
unset($_SESSION['DB_Key']);
unset($_SESSION['accept']);
session_destroy();
header("Location: index.php");

Open in new window

0
Comment
Question by:prashantchauhan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 3

Assisted Solution

by:Bivek-jos
Bivek-jos earned 100 total points
ID: 24114731
Hi
Have a look at:
http://www.php.net/session_regenerate_id
Hope this helps. :)

Thank you
0
 
LVL 9

Assisted Solution

by:LinuxNubb
LinuxNubb earned 100 total points
ID: 24116602
You could also try to set your session variables to nothing:

$_SESSION['userid'] = '';

0
 

Accepted Solution

by:
prashantchauhan earned 0 total points
ID: 24183160
I am already using session_regenrate but still the problem same..

Please check the code below,...and suggest any changes required.
session_destroy();
session_regenerate_id();
 
unset($_SESSION['userid']);
unset($_SESSION['ip']);
unset($_SESSION['DB_Key']);
unset($_SESSION['accept']);
 
 
function UpdateSessID() {
    $old_sess_id = session_id();
    session_regenerate_id(false);
    $new_sess_id = session_id();
 
    $query = "UPDATE `session_table` SET `session_id` = '$new_sess_id' WHERE session_id = '$old_sess_id'";
        mysql_query($query);
}
 
 
session_destroy();

Open in new window

0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Update (December 2011): Since this article was published, the things have changed for good for Android native developers. The Sequoyah Project (http://www.eclipse.org/sequoyah/) automates most of the tasks discussed in this article. You can even fin…
Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to use and create new code templates in NetBeans IDE 8.0 for Windows.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question