0

I'm trying to delete session ID, I tried all of the following here, here, and here. But none of them work.

What should I do very simpy to just delete the session ID from the current php page (but not the session itself). What I am trying to accomplish is to call an ajax where the session ID will be deleted, while the current page will keep running with the session.

What should I use for this?

Thank you!

Community
  • 1
  • 1
Lucy Weatherford
  • 5,452
  • 16
  • 50
  • 76
  • 2
    Sessions don't exist on the client side. All session data is stored on the server, so what you said about the session keeping running on the current page doesn't make much sense. – Paul Feb 21 '12 at 23:40
  • You could do the authenticaton present the page and then all content is shown, delete the session Id via a ajax call. Every restricted area would be unaccessible unless you provide a "token" or some sort of id to the browser for it to continue data query's. – Fernando André Feb 21 '12 at 23:44
  • @netcrash good point, but how should i delete the session id? I tried in many ways and it seems to still recognize the session... – Lucy Weatherford Feb 21 '12 at 23:46
  • here's what I'm trying to do: [see this question](http://stackoverflow.com/questions/9345391/publish-stream-from-the-application-for-non-logged-in-user-using-graph-api-p): I am trying to turn off the session just for the purpose of posting to facebook not as the urrent user but as another user. what should I be using to delete the session id? Thanks! – Lucy Weatherford Feb 21 '12 at 23:58
  • @PaulP.R.O. check out the question I just linked to. the session is still being recognized on the lient side, i don't know how! how do i make it go away?... :) – Lucy Weatherford Feb 21 '12 at 23:59
  • Destroy the cookie after you call the session_destroy() on the server side. http://pt.php.net/session_destroy You can also do that on the server side but I'm not sure. Also I'm not sure about facebook permissions and how they work but when a user gives access to your application to is "wall", I'm not sure if that access is given to someone using your application to write on the other users wall. If user #2 can write on user #1 wall by using a Application access rights if that works let me know so I can close my account! – Fernando André Feb 22 '12 at 00:21
  • you totally missunderstood the facebook thing, both users gave us permission to do this, and user 1 is not posting on user 2- that's exactly what I am trying to prevent here. At any rate, I am not sure what you are saying, as I mentioned, I already tried "session_destroy" and it did not work.. :( – Lucy Weatherford Feb 22 '12 at 00:27
  • not sure what sessions have to do with the facebook to facebook question you asked previously. how would deleting a session help this scenario at all? – dqhendricks Feb 22 '12 at 00:34
  • did you read [this question](http://stackoverflow.com/questions/9345391/publish-stream-from-the-application-for-non-logged-in-user-using-graph-api-p)? though I am trying to post to user 2 as user 2 ("someone" (=user 1) "wattered your flowers"), but because both users have given our application posting permissions, then the application posts to user 2 as user 1, instead of posting to user 2 as user 2. the only way the app will post to user 2 as user 2 is if it does not "remmember"(i.e. session) that it is user 1 that has the current session. now, do you know how I can do this? – Lucy Weatherford Feb 22 '12 at 00:41
  • ps I tried this in secure browsing and it orked, so I know that if the session isn't there then it works. I have just been unable to delete the session. anyone? – Lucy Weatherford Feb 22 '12 at 00:56

1 Answers1

0

for a specific page you can unset the session id with unset($_SESSION['id'])

but to keep it on the original page you would need to pack it into a temp variable, and re-declare it after your ajax call

ie on original page

$tmpsessionid = $_SESSION['id'];

ajax call finished - reregister session

$_SESSION['id'] = $tmpsessionid;

One would have to ask why you are trying to this though?

John Smith
  • 1,812
  • 1
  • 16
  • 17
  • thanks, how do I find what to write in 'id' though? +see the link to my original question in my comment to the answer above for why am I doing this. – Lucy Weatherford Feb 22 '12 at 00:11
  • I just tried this and it did not work, I'd appreciate it if you clarified how I should do it, maybe I'm doing it wrong (I used `session_id()` for the `id` property). thanks! – Lucy Weatherford Feb 22 '12 at 00:28
  • Did you specify session_start before trying to detroy? Also you could delete the user side cookie to garantee the session_id leaves the user side. – Fernando André Feb 22 '12 at 16:02
  • yes, I tried with and without session_start, I managed to delete it in the end using old expiration date, but this deleted only part of the cookie necessary - see [here](http://stackoverflow.com/questions/9401654/delete-cookie-in-php); I'm not sure wht you mean about the user side, but this might be what I attempted here, which did help, but anyhow it was only partial and did not help my end goal :( – Lucy Weatherford Feb 26 '12 at 00:32
  • maybe an easier way would be to pass your session id in your ajax call. dont know if you are using post or get, but either as a hidden field or as a get parameter pass $thesessionid to your ajax page and then there just tell the session to use that parameter as its session id. Or as i oringinally said page 1 $tempvar = $_SESSION; page 2 ajaxpage unset($_SESSION); page 1 - get response sucess from ajax, so recreate the session $_SESSION = $tempvar; – John Smith Feb 27 '12 at 10:52