Session does not destroy itself

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Tubbietoeter
Forum Contributor
Posts: 149
Joined: Fri Mar 14, 2003 2:41 am
Location: Germany

Session does not destroy itself

Post by Tubbietoeter »

Hi guys!


I have a web that contains a lot of php sites. On each site I included session_start(), so that every one of that sites can access session vars.

As far as I am informed, if a user accesses a site that has no session_start() at the beginning, the session is destroyed.

Not here. The user leaves the web and returns to it, but the contents of the session variables are still there.

How can I have the session destroyed on exit of the web?

Thanks,

Steff
User avatar
fatal
Forum Contributor
Posts: 118
Joined: Sat Apr 20, 2002 10:47 am
Location: East Coast

Post by fatal »

Usally sessions are destroyed when the brower closes, also theres session_destroy.

http://www.php.net/session_destroy
User avatar
fatal
Forum Contributor
Posts: 118
Joined: Sat Apr 20, 2002 10:47 am
Location: East Coast

Post by fatal »

Also if you wanna see what i mean....

Go Here: http://bleedingday.com/bd3/ (not finished)

You'll have to sign-up, then login. Its session based auth.

Once you are logged in, close the brower, then go back. You shouldnt be logged in when you go back.

I'll also glady delete you from my database if you want to.
Last edited by fatal on Mon Jun 30, 2003 4:34 am, edited 1 time in total.
Tubbietoeter
Forum Contributor
Posts: 149
Joined: Fri Mar 14, 2003 2:41 am
Location: Germany

Post by Tubbietoeter »

Oops your right ... should have read what session_start() does really do ... :oops:



Ehm but if you have several webs that have sessions, do they all use the same session?

In this case I maybe should prefix my variable names.


Or should I use session_name() ?
User avatar
fatal
Forum Contributor
Posts: 118
Joined: Sat Apr 20, 2002 10:47 am
Location: East Coast

Post by fatal »

You can use mulit sessions vars... In my validation function I set:

Code: Select all

$_SESSION["user_name"] = $user_name;
$_SESSION["privs"] = $privs;
echo"You successfully logged in.";
And Thats all.

The you would call it the same way:

Code: Select all

<?php
echo $_SESSION['user_name'];
echo $_SESSION['privs'];
?>
Tubbietoeter
Forum Contributor
Posts: 149
Joined: Fri Mar 14, 2003 2:41 am
Location: Germany

Post by Tubbietoeter »

Yes but what if another web uses session vars with the same name, which I use in my session, and the session has not been destroyed when the user leaves my web and enters the other?
User avatar
fatal
Forum Contributor
Posts: 118
Joined: Sat Apr 20, 2002 10:47 am
Location: East Coast

Post by fatal »

I really dont know what would happen, but also i dont think its that likely to happen.
Tubbietoeter
Forum Contributor
Posts: 149
Joined: Fri Mar 14, 2003 2:41 am
Location: Germany

Post by Tubbietoeter »

Well $_SESSION['user_name'] is not an uncommon variable name ...

so thats why I worry.

if a user logs in on my site and i set $_SESSION['user_name']=$user_name and he logs onto another site using $_SESSION['user_name'], the variable is already set, right?
User avatar
fatal
Forum Contributor
Posts: 118
Joined: Sat Apr 20, 2002 10:47 am
Location: East Coast

Post by fatal »

Well, try it out aganist my site and see what happens. Im interest to see what happenes, if anything at all.
Tubbietoeter
Forum Contributor
Posts: 149
Joined: Fri Mar 14, 2003 2:41 am
Location: Germany

Post by Tubbietoeter »

if it was for private use i wouldn't care but i get paid for this stuff.

so i should try to work out all odds.

probably nothing will happen with your site, but thats not the problem here.


thanks a lot though ... ;o)
User avatar
fatal
Forum Contributor
Posts: 118
Joined: Sat Apr 20, 2002 10:47 am
Location: East Coast

Post by fatal »

Anytime buddy.
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

The session will be for your site - i.e. it won't be taken over by another web site when they leave yours.

Mac
Tubbietoeter
Forum Contributor
Posts: 149
Joined: Fri Mar 14, 2003 2:41 am
Location: Germany

Post by Tubbietoeter »

@twigle

how does php know what is my web and which is an other?

for example i got two webs on my webserver

/www/web1
/www/web2

and each one has multiple php sites in different sub-folders

how does php determine what belongs to one web and what to another?

i guess I'm gonna use session_name() just in case ...
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

Do your sites share the same URL?

Mac
Tubbietoeter
Forum Contributor
Posts: 149
Joined: Fri Mar 14, 2003 2:41 am
Location: Germany

Post by Tubbietoeter »

they got urls like

http://webserver/www/web1/login.php
http://webserver/www/web2/login.php


this is all in an intranet
Post Reply