Why does the session ID remain the same despite multiple logouts and logins in PHP?
The session ID remains the same despite multiple logouts and logins because the session cookie is not being destroyed properly. To solve this issue, you need to explicitly destroy the session cookie when logging out by calling session_destroy() and then unset the session variables and regenerate the session ID.
session_start();
// Logout code
session_unset();
session_destroy();
setcookie(session_name(), '', time() - 3600, '/');
session_regenerate_id(true);
// Redirect to login page
header("Location: login.php");
exit();
Keywords
Related Questions
- How can the use of the "scandir" function in PHP enhance the efficiency of scanning and displaying folder contents on a website?
- How can session IDs be securely passed between pages in PHP without relying on cookies?
- What are the potential pitfalls of returning complex data structures from PHP to JavaScript?