[PHP] session destroy callback (onSessionDestroy event)
Hi, I need to do some clean-up when the session is destroyed or values are removed from it (expired). using session_set_save_handler does not work for me, as I don't want to rewrite session handling, I just need to be notified when a value is destroyed. Regards, Emil Ivanov P.S. I'm dealing with temporary pictures, saved on the disk and their path stored into the session and I need to delete them when they are no longer needed. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session destroy/unset question - the same session_id is regenerated.
Ken wrote: After unsetting and destroying the session, the same sid is generated. No session identifier is generated at this point. This generation only happens when there is no identifier presented by the client, or when you explicitly regenerate it using something like session_regenerate_id(). is this a normal behaviour? Yes. Are you sure you need a new session identifier? i did this: session_start() //kill session variables unset($_SESSION); session_destroy(); I'd have to do some tests to find out, but you might want to set $_SESSION to attay() rather than just unset it, but these might have essentially the same behavior (e.g., memory is freed but not overwritten). Hope that helps. Chris -- Chris Shiflett Brain Bulb, The PHP Consultancy http://brainbulb.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Session destroy/unset question - the same session_id is regenerated.
After unsetting and destroying the session, the same sid is generated. is this a normal behaviour? i did this: session_start() //kill session variables unset($_SESSION); session_destroy(); Thanks in advance ;) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Session destroy/close
Look at the session manual page and maybe set a shorter time limit for the session cookie. If the user isn't going to click on the Logout link, then there's really nothing you can do until they close the browser (which will stop the session / delete cookie automatically). Maybe you can check for a certain period of inactivity and automatically log them out if they come back after that time. ---John Holmes... - Original Message - From: "Ake" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, May 15, 2002 5:11 AM Subject: [PHP] Session destroy/close I'm trying to close a session without the logged in surfer clicking "log out" (through a onunLoad javascript function which loads i different php document with the otherwise working php code for destryoing a session). I have a working "Log out" link which destroys the session and the variables in it but if the surfer doesn't click on it the session variables are still there and they can go back through their browser history and continue their session as logged in! So, how to destroy a session wihtout beeing able to control where the surfer clicks? I´ve gone through the documents and FAQ's without understanding any solution so I'd be most grateful for any help! Regards, Ake Svensson, aspiring database designer (MySQL/PHP/Linux) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Session destroy/close
I'm trying to close a session without the logged in surfer clicking "log out" (through a onunLoad javascript function which loads i different php document with the otherwise working php code for destryoing a session). I have a working "Log out" link which destroys the session and the variables in it but if the surfer doesn't click on it the session variables are still there and they can go back through their browser history and continue their session as logged in! So, how to destroy a session wihtout beeing able to control where the surfer clicks? I´ve gone through the documents and FAQ's without understanding any solution so I'd be most grateful for any help! Regards, Ake Svensson, aspiring database designer (MySQL/PHP/Linux)
[PHP] session destroy ??
In my online store i use session. I use a script to check that a user dont make 2 order during the same session using the back button for that i put his sessionid in the db and check it before processing the order. My probleme is how can i give a new session_id to the person when he goes back to the home page of my site so he can do a new order ? I try session_destroy , session_unset but the person have still the same session_id REMARK I always use the same string into session_name("abcdef") for all the user. Is it a problem? Thanks for your help -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] session destroy???
Use session_unset() http://www.php.net/manual/en/function.session-unset.php Regards, -- Yasuo Ohgaki ""Miguel Loureiro"" <[EMAIL PROTECTED]> wrote in message 015d01c0b237$61e86720$[EMAIL PROTECTED]">news:015d01c0b237$61e86720$[EMAIL PROTECTED]... Hello all, when using sessions, if use command session_destroy shouldn't all variables related with used session destroyed??? It seams that is a crazy question, but, after make a logout(session_destroy()), I use the browser buttons to go back to inicial page and forward until logout page, it continues appers sessions data, it's bad because someone can enter in my browser after me and make fully things in my page How can I solve this problem? I already try to use OnLoad and UnOnload events in Javascript T.Y all Best Regards Miguel Loureiro < [EMAIL PROTECTED] > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] session destroy???
Hello all, when using sessions, if use command session_destroy shouldn't all variables related with used session destroyed??? It seams that is a crazy question, but, after make a logout(session_destroy()), I use the browser buttons to go back to inicial page and forward until logout page, it continues appers sessions data, it's bad because someone can enter in my browser after me and make fully things in my page How can I solve this problem? I already try to use OnLoad and UnOnload events in Javascript T.Y all Best Regards Miguel Loureiro < [EMAIL PROTECTED] >