so i should be adding it here?
function logout ()
{
//session must be started before anything
session_start ();
//if we have a valid session
if ( $_SESSION['logged_in'] == TRUE )
{
//unset the sessions (all of them - array given)
unset ( $_SESSION );
//destroy what's left
session_destroy ();
}
//It is safest to set the cookies with a date that has already expired.
if ( isset ( $_COOKIE['cookie_id'] ) && isset ( $_COOKIE['authenticate'] ) ) {
/**
* uncomment the following line if you wish to remove all cookies
* (don't forget to comment ore delete the following 2 lines if you decide to use clear_cookies)
*/
//clear_cookies ();
setcookie ( "cookie_id", '', time() - KEEP_LOGGED_IN_FOR, COOKIE_PATH );
setcookie ( "authenticate", '', time() - KEEP_LOGGED_IN_FOR, COOKIE_PATH );
}
//redirect the user to the default "logout" page
header ( "Location: " . REDIRECT_ON_LOGOUT );
}
or in logout.php
?