Reputation: 647
what are session id? in php are session id assined to each user or each browser
i am really confused about sessions in php i doing website this is my first project and i am stuck a user logging system i cant understand how php session work are these session id unique to each user or are these unique to each browser
here is my problem
when i login in using username and password for user1 i start a new session and a unique session id is created lets say phpssesid XXXXXXXXXXXXXXXX so when i logout from user1 i destroy session and session id XXXXXXXXXXXXXXXX generated during login for user1 is deleted from temp folder next i login using user2 and password a new session is again created but i get same session id i.e XXXXXXXXXXXXXXXX which was generated during first login i dont understand how come to users are assigned same session id to two different users
all this while i was using google chrome to browse
but then i used firefox to login using user1 and password but this time a new session id is created i.e XXXXXXXXXXXXXXX1 den i logout and again login using user2 and again session id assigned to user2 is same XXXXXXXXXXXXXXX1
i dont understand all this if sesssion id is unique to each user then why is same session id is assigned to two different users on same browser
Upvotes: 0
Views: 3261
Answers (1)
Reputation: 960
Can't say much for PHP specifically, but HTTP by itself is stateless - i.e. if you make the same request, you (should) get the same response. What PHP and many other languages do is use session IDs - sometimes stored in cookies, sometimes stored in the URL.
Long story short, your Session ID should be unique to each user for each browser. For example, if Alice logs in on her home computer, then logs in on her work computer, the session IDs should be different. If Alice then logs out of her home computer and Bob logs in (same computer, same browser as Alice's first login) he should still get a different session ID - it's all done so that your framework (ie. PHP) can track 'sessions' of website use.
In your case, duplicate session IDs might be due to lingering cookies, server problems, or PHP might be legitimately reusing one ID (maybe for performance reasons). If you haven't modified much of the session code, chances are it's either the cookie issues with the browser or ID reuse.
Upvotes: 1
Related Questions
- What exactly is session_id( ) and session_name( )? Explain how they are being used in the following code
- when and where do we use session_id()
- Use of session_id() and session_name
- Session User ID?
- How is generate session_id?
- Why does session ID persist across sessions in PHP?
- What are session_id, session_regenerate_id and session_name used for?
- Session ID and variables in PHP
- What is actually php session_id?
- PHP session cookie sessionid