Is it important to change session on each page request?

It causes conflicts when the user open another page on another window/tab. So how to prevent these conflicts? One way is to set session same for each page the same..every time the user logout/logins the session will be regenerated.

<?php
//every page sets its own session if its not ajax so that it dont expire
if(is_ajax()){
$_SESSION['token'] = md5(rand());
}

echo '<div id="token">'.$_SESSION['token'].'</div>';
?>

tokens will be passed from d开发者_运维知识库iv.token to perform ajax requests by jquery. but then when the user opens another tab new session is set then the other page returns 'Invalid Request' error.

Having multiple pages or tabs open should not interfere with the session. If it does, you're probably putting a bit too much into the session.

What are you storing in the session? It sounds like you're probably storing something in the session that belongs in the URL.

Edit: After seeing your edit, you may want to check out the top answer in this question:

PHP - CSRF - How to make it works in all tabs?