Session's issue

[justinh]

Hey everyone,

 

Im having a hard time with my logout page.

 

 <?php 
session_start();
session_destroy();

echo $_SESSION['loggedin']; //I put this in just to see what the problem was

echo "Log out complete. Click <a href=\"login.php\">here</a> to return to login.";

?>

 

When I echo the session "loggedin" it is still returning true, even after i put session_destroy..

 

Thanks in advance

[Psycho]

Read the manual:session_destroy

 

In order to kill the session altogether, like to log the user out, the session id must also be unset.

 

The very first example explains a method of how to properly destroy a session.

[sKunKbad]

instead of session_destroy, you might try unset($_SESSION) or $_SESSION[whatever] = null;

[justinh]

Awesome, thank you very much for your quick response.

 

I now have the code set to

 

 

 <?php
session_start();
unset($_SESSION['loggedin']);
session_destroy();

echo $_SESSION['loggedin'];
echo "Log out complete. Click <a href=\"login.php\">here</a> to return to login.";

?>

 

Now the echo doesn't show up, so im thinking it's a step in the right direction. But now when i go back to login.php ( code below )

 

 

<html>
<head>
</head>
<body>
<form action="checklogin.php" method="post">
<table>
    <tr>
  
       <td>Username:</td><td><input type="text" name="username"></td>

      </tr><tr>

       <td>Password:</td><td><input type="password" name="password"></td>
</tr><tr><td><input type="submit" value="Log In"></td></tr>
</tr>
</table>
</body>
</html>



?>

 

and skip the login and just type mydomain.com/index.php it still says im logged in

 

here is the code so far on the index page.

<?php

session_start();
include("connect.php");

if ($_SESSION['loggedin'] = "true"){

echo $_SESSION['loggedin'];
?>

<html>
<head>
</head>
<body> <a href="logout.php">Logout</a>
</body>
</html>

<? 

} else {


echo "you must be logged in too view this page. Click <a href=\"login.php\">here</a> to log in."; 

}

?>

 

Any ideas?

 

MJDAMATO FOR PRESIDENT!

[CroNiX]

As mentioned above, unset the whole $_SESSION array, not just one element.

unset($_SESSION);

[Psycho]

Also, when you return back tothe index page, you might be viewign a cached page. Try refreshing to see what happens.

[ranjuvs]

change this line

 

if ($_SESSION['loggedin'] = "true"){

 

to

 

if ($_SESSION['loggedin'] == "true"){

[justinh]

Hmm..

 

I tried

<?php
session_start();
unset($_SESSION);
session_destroy();

echo $_SESSION['loggedin'];
echo "Log out complete. Click <a href=\"login.php\">here</a> to return to login.";

?>

( I think this is what you were saying Cronix )

 

But it still has the same results.

 

Mjdamato: tried refreshing.. same result =/

 

www.wmptest.com/Wmptime/login.php

username: justinh

pass: dallas

 

If you want to see what I'm talking about.

 

Anything else it could be?

[justinh]

thank you ranjuvs, this fixed the problem