Solved

PHP5: why session id does not change after session_destroy() is called?

Posted on 2014-10-08
1
338 Views
Last Modified: 2014-10-08
Hello Experts,

Why is my session id the same after calling session_destroy()?

Please see code below:

session_name('TESTSession');
session_start();

echo 'session id: '.session_id().'<br>';

if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 60)) {
	session_unset();     // unset $_SESSION variable for the run-time
	session_destroy();   // destroy session data in storage
}
		
$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp
echo 'session last activity: '. $_SESSION['LAST_ACTIVITY'] . '<br>';			

Open in new window

0
Comment
Question by:epifanio67
1 Comment
 
LVL 58

Accepted Solution

by:
Gary earned 500 total points
ID: 40369528
The session id is stored client side so isn't destroyed even though all the session values have been
To get a new id use session_regenerate_id()

<?php

session_name('TESTSession');
session_start();

echo 'session id: '.session_id().'<br>';

if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 60)) {
	session_destroy();   // destroy session data in storage
	session_unset();     // unset $_SESSION variable for the run-time
	session_regenerate_id(true);
}

		
$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp
echo 'session last activity: '. $_SESSION['LAST_ACTIVITY'] . '<br>';	

Open in new window

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this.Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it is …
Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now