Session with cookie logout

[twsowerby]

Hi all,

 

Just getting my head around sessions and came across a stumbling block.

 

I have the following code which compares a login form to a database value and starts a new session. It also stores a cookie containing the session id. I got this code from a tutorial and understand how it works.

 

<?php
// Check if the information has been filled in
if($psEmail == '' || $psPassword == '') {

// No login information
header('Location: login.php?refer='.urlencode($psRefer));

} else {

// Authenticate user
$hDB = mysql_connect('localhost', '', '');
mysql_select_db('fyp', $hDB);

$sQuery = "
Select iUser, MD5(UNIX_TIMESTAMP() + iUser + RAND(UNIX_TIMESTAMP())) sGUID
From tblUsers
Where sEmail = '$psEmail'
And sPassword = password('$psPassword')";

$hResult = mysql_query($sQuery, $hDB);

if(mysql_num_rows($hResult)) {

$aResult = mysql_fetch_row($hResult);

// Update the user record
$sQuery = "
Update tblUsers
Set sGUID = '$aResult[1]'
Where iUser = $aResult[0]";

mysql_query($sQuery, $hDB);

// Set the cookie and redirect
setcookie("session_id", $aResult[1]);

if(!$psRefer) $psRefer = 'index.php';
header('Location: '.$psRefer);

} else {

// Not authenticated
header('Location: login.php?refer='.urlencode($psRefer));
}
}
?> 

 

I'm not sure how to do the logout part of this though, how do you end the session? presumably I also have to remove the cookie that stores the session ID.

 

Any help would be appreciated, thanks.

 

Tom