Jump to content

session_destroy not working.


ballhogjoni

Recommended Posts

this is my code to my logout page

<?php
session_unset();
session_destroy();
?>
<html>
<head>
<title>Logged Out</title>
</head>
<body>
<p align="center">You have been successfuly logged out.</p>
<p align="center"><a href="login.php">Log back in</a></p>
</body>
</html>

 

Why is the session not being destroyed. I mean I can hit the back button and refresh the page and I am logged in again.

Link to comment
https://forums.phpfreaks.com/topic/61926-session_destroy-not-working/
Share on other sites

<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (isset($_COOKIE[session_name()])) {
    setcookie(session_name(), '', time()-42000, '/');
}

// Finally, destroy the session.
session_destroy();
?> 

<?php
session_start();
session_destroy();
print_r($_SESSION);
if(empty($_SESSION)){
?>
<html>
<head>
<title>Logged Out</title>
</head>
<body>
<p align="center">You have been successfuly logged out.</p>
<p align="center"><a href="login.php">Log back in</a></p>
</body>
</html>
<?php
}
?>

 

print_r($_SESSION); displays array() and the logout stuff appears.

I messed around awhile before I got everything to work on my logout.

My question would be how to make this destroy work when one closes the Mozilla browser - IE destroyes sessions on close, Mozilla can be openned back up and you have your session back (unless you set the delete cookies on close under options).

here is my working logout code in my header.php file:

 

if($_GET['logout']=='logout'){

//UPDATE TIME_STAMP of logout

$query = "UPDATE users SET duration = TIMEDIFF(NOW(),active) WHERE id = '". $_SESSION['uid']."'";

$result = mysql_query($query);

$_SESSION['logged_in']=FALSE;

session_unregister('full_name');

session_destroy();

if($_GET['to_home'] == 1){

header("Location: ../../");

}else{

header("Location: ../login.php");

}

}

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.