[SOLVED] session_destroy();

[AL123]

AL123 new to php

I have a simple login and am trying to write a logout.

I set a $_SESSION var to 1 if they are logged in:

 

if(isset($_POST['logname']))

{

$UserArr = chk_lgn($_POST['logname'],$_POST['passwd']);

$_SESSION['iden'] = $UserArr['UserId'];

$_SESSION['logname'] = $UserArr['logname'];

}

 

if($_SESSION['iden'] !=0)

{ 

$_SESSION['auth'] = 1;

header('location:../UserPage/index.php');

}

 

elseif($_SESSION['iden'] == 0)

{

$_SESSION['auth'] = 0;

if($_POST){echo "Try Again.";}

}

 

In a include file I have this function:

 

function log_out()

{

if($_GET[auth==0])

{

session_unset();

session_destroy();

}

}

 

At the top(of index) I call the function, fallowed this in the html: 

 

<p><a href="../index.php?auth=0">LogOut</a></p>

 

When I click logout I am still able to navigate to member pages.

Shouldn't auth=0 in the url be stored in $_GET and be available for logout?

Thanks AL123.

 

[mikesta707]

if you set an auth key in the SESSION variable, don't you think you should be  testing if the SESSION variable auth is 0, not the get variable. not to mention that the syntax is all wrong

 

function log_out()
{
   if($_SESSION['auth'] == 0)
   {
   session_unset();
   session_destroy();
   }
}

 

but if when a user is logged on, their auth is set to 1, shouldn't you test if its one?

 

{
   if($_SESSION['auth'] == 1)
   {
   session_unset();
   session_destroy();
   }
}

 

?

[AL123]

I think I see the error of my ways, but how do I connect the function to

the url containing logout?

[mikesta707]

include the file on your logout page, and call the function?