[nycphp-talk] preventing randomized session variable from changing when page is refreshed
Kristina Anderson
ka at kacomputerconsulting.com
Wed Aug 20 17:36:12 EDT 2008
Mike --
$rand=rand(1,9);
$session_id=$rand.substr(md5($REMOTE_ADDR), 0, 11+$rand);
$session_id.=substr(md5(rand(1,1000000)), rand(1,32-$rand), 21-$rand);
session_id($session_id);
session_start();
$_SESSION['sessionid'] = $session_id;
---
What I need is some simple way to prevent this from being called more
than once until they leave the site. I'm considering the hidden field
thing but wonder if that is more complex than needed.
---
Kristina
> On Wed, Aug 20, 2008 at 3:56 PM, Kristina Anderson
> <ka at kacomputerconsulting.com> wrote:
> > That's what I want to do, but I need to prevent the value of
session id
> > from changing if for some reason they revisit or refresh the
index.php
> > page...as that is where the value is created.
>
> The session id should not change for the duration of the client's
> visit. In your index.php you should do session_start() and that's it
> (unless the user "logs out" in which case you might do
> session_regenerate_id() to effectively destroy any session state).
> What are you doing that is causing the session_id() to return a
> different value when the user refreshes the page?
>
> Mike
> _______________________________________________
> New York PHP Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
>
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
>
>
More information about the talk
mailing list