Clinton Posted January 2, 2009 Author Share Posted January 2, 2009 I changed everything so the form submitted to a login.php form and not to itself. Problem solved. Quote Link to comment https://forums.phpfreaks.com/topic/139154-solved-sessions-not-dying/page/2/#findComment-728412 Share on other sites More sharing options...
9three Posted January 2, 2009 Share Posted January 2, 2009 To properly destroy a session you use the follow: $_SESSION = array(); session_unset(); session_destroy(); header('index.php'); What $_SESSION = array(); does is outputs all the sessions and when it follows to the 2nd line, session_unset(), it unsets the array, and finally destroys it. You can however do an if statement and check if the sessions that you created exist and if they do run your block code. But this is a method I would not go with, as one day you might have different sessions and that if statement would become rather large and unnecessary. Make sure you are using session_regenerate_id on every page to avoid session fixation. Quote Link to comment https://forums.phpfreaks.com/topic/139154-solved-sessions-not-dying/page/2/#findComment-728446 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.