Die SESSION, Die! (PHP Problem)

[madmanlear]

Hey folks, having a tough time with this one.

Just finished launching a site with session handling for the shopping cart. Everything's peachy up to the actual order completion, because my session isn't being destroyed where I tell it to.

You see, cart items are added to the order in the database, and to some degree it relies on the session id to differentiate. So when they reach the thank you page I destroy the session. But in some instances when people keep looking around, their session is gone but the session id is intact, so it totally screws up the order in the database!

Any ideas? You will be saving me from much wailing and gnashing of teeth.

[holyhttp]

You could use session_regenerate_id() to create a new session id value at the end of the checkout process.
In the long run however I suggest making sure your shopping cart info persists even after the session has ended if the visitor did not complete the checkout process.
Using a $_COOKIE variable along with the $_SESSION would offer an increase usability to your shopping cart.

[madmanlear]

holyhttp: thanks for the advice. For some reason even that wasn't working, because we were in a secure area, whereas the session is created in a non-secure area. It was a weird fluke that I've never experienced before, but I think I figured it out.

Because the orders are tied to the session_id, I could check if a completed order already existed with that session_id once the user got back to the cart. If so, then session_regenerate_id(). It works like a charm.

I don't know if this will be any help to anyone in the future. I sure hope no one else has to deal with this.