Why does php generate the same session identifiers every time in a test environment (WAMP)?

Question

Why does php generate the same session identifiers every time in a test environment (WAMP)?

I configured wamp on my system and am testing development in this local environment. I worked on the logout functions and found that the generated session identifiers are the same in the browser.

Eg - chrome always generates session id = abc, for all users even after logging out and logging in; IE always generates an id = xyz session for all users.

Is this a problem with the wamp / my test environment?

find below my php script output -

<?php
session_start();
$sessionid = session_id();
echo $sessionid;
session_unset(); 
session_destroy(); 
?>

+3

php unique wamp logout sessionid

arun nair May 20, '11 at 18:33

source share

7 answers

. ,

session_start(); 
session_regenerate_id(TRUE); 
session_destroy();

+3

Praveen V 29 . '12 8:54

session_regenerate_id(). .

+2

Tomasz Kowalczyk 20 '11 18:35

session_destroy() , . , , cookie . , session_start().
, , . ( ) , . setcookie().

http://php.net/manual/en/function.session-destroy.php

+2

Jasoon 20 '11 18:40

session_unset() session_destroy() cookie . setcookie().

session_unset - session_register(), session_destroy $_SESSION, cookie.

+1

Marc B 20 '11 18:41

manual (session_destroy):

session_destroy() , . - , cookie . , session_start() .
, , . cookie ( ), cookie . setcookie().

Unless you specifically cancel the cookie, the cookie will still exist, and next time session_start () will be called, it will use this as a session identifier. Closing the browser should also clear the cookie, as they are usually set upon expiration of php when closing the browser.

+1

Jonathan kuhn May 20, '11 at 18:42

source share

To stop capturing a session, execute the code below in PHP

    session_start();

    /* to stop session hijacking */

    // Generate new session without destroying the old one
    session_regenerate_id(false);

    // Fetch current session ID and close both sessions to allow other scripts to use them
    $newSession = session_id();
    session_write_close();

    // Assign session ID to the new one, and start it back up again
    session_id($newSession);

    session_start();

0

Kuldeep singh Sep 14 '17 at 8:11

source share

Gumbo · Accepted Answer · 2011-05-20T18:42:19+0000

, , cookie , session_unset, session_destroy cookie:

, , . ( ) , . setcookie() .

setcookie, cookie :

if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}

- , session_regenerate_id(true).

Why does php generate the same session identifiers every time in a test environment (WAMP)?

More articles: