Problem with unset() and exit()

[doubledee]

I have a script that allows a User to create a new password as part of a password re-set flow.

 

In my script, I store the $memberID in the Session so that when I redirect from "create_password.php" to "results.php" I still have the $memberID and can store it in the transaction log in my database.

 

The problem is that even though I have unset() after the redirect, it is somehow erasing the value in $_SESSION['memberID'] before the redirect, and thus I get "0" in the database when "results.php" runs?!

 

// Temp Password expires in 1 hour (3600 seconds).
if ((time() - $tempResetOn)>10){
	// Temp Password Expired.
	$_SESSION['resultsCode'] = 'PASSWORD_TEMP_PASSWORD_EXPIRED_2112';

	// Set Error Source.
	$_SESSION['errorPage'] = $_SERVER['SCRIPT_NAME'];

	// Redirect to Outcome Page.
	header("Location: " . BASE_URL . "/members/results.php");

	unset($_SESSION['memberID']);

	// End script.
	exit();
}//End of CHECK FOR EXPIRED TEMP PASSWORD

 

How do I unset the Session variable - in the "create_password.php" script above - AFTER I successfully redirect and store the $memberID in the database?

 

Thanks,

 

 

Debbie

 

 

[scootstah]

The code keeps executing after the header() until the script ends.

 

So why not unset on the results page?

[doubledee]

The code keeps executing after the header() until the script ends.

 

So why not unset on the results page?

 

I could do that.

 

However, I think I was getting confused as to what to expect where, so disregard this thread for now.

 

Thanks anyways!

 

 

Debbie