Sessions, Is this will work correctly?

[apol]

1. User submit a from with his "userName" and his "password".
2. "sign_in_check.php" checks if user exist in the data base and if exist then set : $_SESSION['userPass']="go";
3. When user want to sign out the sign_out.php file executed when user click on sign_out link, follows the sign_out.php:

<?php
    session_start();
    $_SESSION[]=array();

    if (isset($_COOKIE[session_name()])) {
              setcookie(session_name(), '', 0, '/');
    }
    session_unset();
    session_destroy();
    header("Location: http://localhost/project/forms/display/sign_in_form.php");
    exit();
?>


Is this logic will work ? Because when i am sign_in in my system with a valid userName & passwd and after i sign_out from the system if i press 2 times Back button in the IE browser it creates  the session again and displayes me the system index page again.

I am using to send form fields the $_GET variable and wamp5. Does anyone have any idea?

thanks

[Gruzin]

As I understand you need to make a log out function, correct? you don't need to check if(isset), just wrtite something like this and it will delete the last session:

[code]<?php
session_start();
session_destroy();
header("Location: http://localhost/project/forms/display/sign_in_form.php");
?>[/code]

[apol]

[quote author=Gruzin link=topic=111180.msg450374#msg450374 date=1160561962]
As I understand you need to make a log out function, correct? you don't need to check if(isset), just wrtite something like this and it will delete the last session:

[code]<?php
session_start();
session_destroy();
header("Location: http://localhost/project/forms/display/sign_in_form.php");
?>[/code]
[/quote]

I did it but the problem remains. I checked the session it has deleted when i press sig_out link but when i press 2 times browsers (IE) Back button it creates the session again...I can't understand why this is happening.

[Gruzin]

Can I see the code of that page which sets the session again?

[apol]

[quote author=Gruzin link=topic=111180.msg450380#msg450380 date=1160562599]
Can I see the code of that page which sets the session again?
[/quote]

Sorry this is the page...:


<?php
session_start();
if($_SESSION['adminPass']!="go"){
/*
if (isset($_COOKIE[session_name()])) {
  setcookie(session_name(), '', 0, '/');
}
session_destroy();
*/
header("Location: http://localhost/project/forms/display/sign_in_form.php");
exit();
}
?>


some html followes

thanks

[Gruzin]

ok, try to check if the session is set, something like this:
[code]<?php
session_start();
if(isset($_SESSION['userPass'])){
?>

...some code..

<?php
}
else{
header ('Location: index.php'); // check if session is not set redirect to login page
}
?>
</body>
</html>[/code]

[Gruzin]

Did you try my example?

[apol]

[quote author=Gruzin link=topic=111180.msg450386#msg450386 date=1160563711]
ok, try to check if the session is set, something like this:
[code]<?php
session_start();
if(isset($_SESSION['userPass'])){
?>

...some code..

<?php
}
else{
header ('Location: index.php'); // check if session is not set redirect to login page
}
?>
</body>
</html>[/code]
[/quote]




I changed it to that :

<?php
session_start();
if(isset($_SESSION['adminPass'])&&$_SESSION['adminPass']!='go'){
header("Location: http://localhost/project/forms/display/sign_in_form.php");
exit();
}
?>

and if click one time the Back button it inserts me in the system index page....I am confused....

[Gruzin]

read my post again.
insert session check in the head of the script and the "else" statment before the body and html closing tags...