$sess_session_name affects the name of cookie, get, or post var. If you wish to use 
it, you need to also reimplement the session creation routine. What is important here, 
is the $id, that is supposed to be hard to guess.

Giancarlo wrote:

>The manual gives an example:
>function destroy ($id) {
>   global $sess_save_path, $sess_session_name;
>   $sess_file = "$sess_save_path/sess_$id";
>   return(@unlink($sess_file));
> }
> /*********************************************
>  * WARNING - You will need to implement some *
>  * sort of garbage collection routine here.  *
>  *********************************************/
> function gc ($maxlifetime) {
>   return true;
> }
>But the function_destry is passed a var, $sess_session_name, that does affect 
>Suppose some baldous guy installs a multiuser game that he wants to reset all 
>the sessions, will he block everything for everyone, forcing logoffs etc, 
>Or, put on anoter way: a savy designer that would like to neatly gc only his 
>session_name()'s recs, how could he? Or is he aware that without an own save 
>path that will cause damage? Or how else not?

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to