Hello,
I'm having some problems with my shopping cart scripts. When a user logs in, the following code is executed:
PHP Code:
//Start the session
session_start();
//Create session variable
session_register("user");
//let's grab the session ID for those who don't have cookies
$id = session_id();
$url = "Location: myaccount.php?sid=" . $id;
header($url);
Now when you logout, it does the following:
PHP Code:
//let's completely terminate the session and bring them to login page
session_start();
session_unset();
session_destroy();
echo ("Logging Out...");
header('Refresh: 1; url=index.php');
When you try to log in with two different accounts, both are being assigned the same session ID. I think this is because the cookie was being deleted server side, but it was still remaining on the clients machine? For some reason
PHP Code:
session_unset();
session_destroy();
wasn't deleting the cookie from the machine.
Would it be OK to add a bit of JavaScript after "session_destroy which deleted the cookie? I was told I couldn't delete it in PHP because there has already been some outputted after the header or something - sorry, not explained very well.
I was each user to be assigned a different session_id because I am using that to select the products in their cart.
Thanks,
Steven