So far I have managed to get a new session ID, but there are still issues. When I use session_start() on the login page a session ID is created (along with a cookie). Then, when I go to the next page (which sanitizes input and checks for a valid user and password) I see that another, different, session ID is created and I lose all the data from the first session on the login page.
Here is code for the login page:
Code: Select all
[size=150]<?php
session_start();
echo "Your session id is: ".session_id();
$_SESSION['testingvar']="does it work?";
?>[/size]Code: Select all
[size=150]
<?php
session_start();
echo "Your session id is: ".session_id()."<br><br>";
if (isset($_SESSION['testingvar']))
{
echo $_SESSION['testingvar']."<br><br>";
}else
{
echo "It's not set.<br><br>";
}
[/size]Code: Select all
[size=150]
<?php
session_start();
session_destroy();
session_regenerate_id(true);
setcookie(session_name(),session_id(),"0","/");
?>[/size]