So I created this little login system for my php site, I have a login form where I first create the session with a few session variables like UserId and such.
I also do session_destroy() before i create the session so that any existing session will be destroyed.
Then I have this php file that I include on the top of every page on my site which opens that session with session_start() and starts the mysql connection and such.
Problem is, on some pages the session does open correctly and on other pages seems to create a new session. In fact if I go to another page and return to the page where the correct session isn’t opening it’s the same incorrect session, so I actually have two sessions opened it seems…
When I echo the session ID on page where it works and the one where it doesnt, they have different session ID’s so I’m confused.
IF you are getting duplicate cookies (as is in this case), check the domain and path of each cookie. Make sure the cookie path are domain are always set to the same domain and path is always the root of your website (assuming you want the cookies site-global).
Each cookie is visible to the set path and domain, all paths starting with the path set, and may be set to match all subdomains of the domain.
Based on the comments to the question.