...

View Full Version : Logout Is Screwed



Jesuspwnt
12-24-2007, 01:24 PM
uh oh, another problem.

my logout page is for some reason not working..

i created a quick like 7 lines of code when i created to end ALL sessions, yet when i log out from an admin account, i can still delete posts, any ideas?


foreach($_SESSION as $name=>$value){
$_SESSION[$name]=NULL;
}
$_SESSION = array();
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time()-42000, '/');
}
session_destroy();
header("Location: index.php");

CFMaBiSmAd
12-24-2007, 01:47 PM
It is likely that your delete code is not properly checking for the existence of the session variable or that the session code on the delete page is recreating the variable.

You would need to post the code for the delete page to get help with what it is doing.

Jesuspwnt
12-24-2007, 01:53 PM
that is my session destroying code

SeeIT Solutions
12-24-2007, 01:57 PM
I think I read somewhere that setcookie doesn't work when used before header(). Could that be the reason, or try what I used in the other thread to avoid that.


unset($_COOKIE,$_SESSION);

CFMaBiSmAd
12-24-2007, 02:13 PM
So, does the code you posted have a session_start() in it? Otherwise, you are not really operating on an existing session (and you would be receiving a Warning level message from php.)

Jesuspwnt
12-24-2007, 03:22 PM
So, does the code you posted have a session_start() in it? Otherwise, you are not really operating on an existing session (and you would be receiving a Warning level message from php.)

the only thing you can't see in the code i supplied is that at the top is a require_once to the site's main core. which includes session_start();

CFMaBiSmAd
12-24-2007, 03:34 PM
Either the session is not starting due to a headers problem in the logout code or your delete logic is not checking what it should be.

Jesuspwnt
12-24-2007, 03:53 PM
there isn't a header problem or it'd echo out an error for sure.
also it is working, kinda, because it shows the login form again... but i can stll delete shouts

CFMaBiSmAd
12-24-2007, 04:00 PM
If you want help with your delete code, you would need to post it, as has already been suggested.

Jesuspwnt
12-24-2007, 08:27 PM
wtf? i have!
check the first post..

or here it is again just for you


foreach($_SESSION as $name=>$value){
$_SESSION[$name]=NULL;
}
$_SESSION = array();
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time()-42000, '/');
}
session_destroy();
header("Location: index.php");

CFMaBiSmAd
12-24-2007, 10:48 PM
That is your logout code, not your delete post code.

You stated your code shows the login form again... but I can still delete shouts. Don't you suppose that the problem is in the delete code you keep mentioning?



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum