Jump to content

Logout script not clearing $_session variables

Aaron4osu

By Aaron4osu
in PHP Coding Help

 Share

Recommended Posts

Aaron4osu Member

Aaron4osu

Posted
Posted

I'm trying to use this php to clear out the session variables and return to the index page.  However it's not clearing them out. Any ideas?

 

logout.php

<?php 
session_start();
        unset($_SESSION['user_id']);
        unset($_SESSION['username']);
session_destroy();
header("Location: http://aaronhaas.com/pitchshark6/index.php?vid_id=1"); 
?>

 

then in my navigation I'm using this code to either display their username and a logout link to logout.php or if they are not logged in display a sign in link.

 

<?php
         // if logged in
if (isset($_SESSION['user_id'])) 
{
	// display 
	echo "<a href='#'>".$_SESSION['username']."</a>   ";
	echo "<a href='scripts/logout.php'>Log Out</a>   ";
}
        // if not logged in
else
{      // display login link
	echo "<a href='login.php'>Sign In</a>";
}
?>

 

here is my super simple login script

$username = $_POST['username'];
$password = $_POST['password'];

//Check if the username or password boxes were not filled in
if(!$username || !$password){
//if not display an error message
echo "<center>You need to fill in a <b>Username</b> and a <b>Password</b>!</center>";
}else{
// find user by username and password - working
$userQuery = 'SELECT * FROM users WHERE user_name ='.'"'. $username.'" AND password='.'"'. $password.'"' ; 
$users = mysql_query($userQuery);

$user = mysql_fetch_array($users);
$_SESSION['user_id'] = $user['user_id'];
$_SESSION['username'] = $user['username'];
header("Location: http://aaronhaas.com/pitchshark6/index.php?vid_id=1");

}

Muddy_Funster Regular Member

Muddy_Funster

Posted
Posted

ahh, now see if you hadn't used SELECT * on your user table I would have tried to help you...

 

 

nah, just kidding, just use

unset($_SESSION);

there are other session variables in there that keep the session unique.  you need to unset the should array, not just the ones you are using.

creata.physics Member

creata.physics

Posted
Posted
there are other session variables in there that keep the session unique.  you need to unset the should array, not just the ones you are using.

 

It should just be 1, the unique session id.

 

Also,

session_unset();

works too.

Aaron4osu Member

Aaron4osu

Posted
  • Author
Posted

Thanks guys but I'm still trouble.  Ive tried both of these and neither is working for me:  I also tried taking out everything but the unset lines.  

<?php
session_start();
session_unset();
session_destroy();
?>

and 

<?php
session_start();
unset($_SESSION);
session_destroy();
?>

creata.physics Member

creata.physics

Posted
Posted

Take this out of your logout.php:

header("Location: http://aaronhaas.com/pitchshark6/index.php?vid_id=1");

 

So we don't redirect, then try this:

<?php
session_start();
session_unset();
session_destroy();
print_r($_SESSION);
?>

 

If print_r does not output anything then the session is getting unset properly and the issue is not with logout.php.

If you see the user_id and user_name session arrays then something I can't understand is going on.

Aaron4osu Member

Aaron4osu

Posted
  • Author
Posted

Also, I just noticed something else that is weird.  I accidentally took out the

header function that redirects back to the index page but it is still redirecting there without it.  I've tried clear the cache and removing the file and replacing it again and still doing the same.  Is that normal for a php script to return back to the previous page? 

creata.physics Member

creata.physics

Posted
Posted

No, it will not redirect without the code telling it to do so. Check your files and directories and make sure you are editing the correct file and everything else.

 

I should have phrased my sentence properly. If you are directly viewing logout.php and it is not included in another file then you will not be redirected if the logout.php file doesn't call for it.

Aaron4osu Member

Aaron4osu

Posted
  • Author
Posted

Actually I think the initial post fixed it, but for some reason my ftp client wasn't copying over the previous version so I kept running the same script. Very sorry and thanks for the help.  This is what I ended up using which is working perfect.

<?php
session_start();
session_unset();
session_destroy();
header("Location: http://aaronhaas.com/pitchshark6/index.php?vid_id=1");
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.