regenerate session id
I want to add another level of security when using php sessions. So i will simply change the session id everytime the page loads.
The code i use is:
Now the problem that i have is that for some reason php adds the session id into the url which I dont want. can anyone help how to do the same thing without having the session id in the url??
$_SESSION = $tmpSession;
There is a function for this, session_regenerate_id()
It will set a new cookie if enabled, thus no sessid in the URL
Yeah i have seen that function but unfortunatly my webhost is running php 4.3.0 and that function came into php at 4.3.2. So i need to think about something else.
You are not clearing the session cookie. Look at the examples in the manual on the session_destroy page.
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)