Click here to Skip to main content
14,865,126 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hi there,

Just a quick question:

I want to create an if statement that automatically destroy the current session when somebody click 'Log in' after entering their details in my login form. I would also like the new session to be created as the old session is destroyed, meaning the first session's username changes to the new sessions username.

Pseudo Code:

PHP
// if session exists (if a user is logged in) when clicking 'Log in' after entering different username/password
{
//destroy sessions and create new session with the details submitted
}
else
{
//session doesnt exist, so log in the user (meaning the destroy session isnt needed)
}


This is the code that will follow, the code is used to start a session from details (stored as variables) from a form using POST.

PHP
$username = strtolower($_POST['username']);
$password = strtolower($_POST['password']);

if ($username&&$password)
{//starts validation and session start functionality


Thanks!
Posted

1 solution

The first sentence of your question is easy to solve:
PHP
session_name($username);
session_start();

thats all for both cases in your first code-box. You don't need to destroy the session manually, when you use the username for the sessionname. This destroys the session automatically, when $username is different to the sessionname.
(look at: php.net[^])

But this means for your second sentence of your question that this is quite harder to reach.
In this case you need to overwrite the SessionHandler[^] or its interface.

Maybe think about a static sessionname and set the username as a cookie or in db (as user_id).
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900