logout code not functioning

amcf1992 · 09-22-2011, 07:08 PM

So I'm trying to build a logout script. When i am in account.php I click logout and then navigate back to the account.php to see if vars have been destroyed, but even after I run the script, it does not seem to be destroying session data. Any help would be awesome.

My session vars:

PHP Code:


			
$_SESSION['id'] = $row['id']; 
        $_SESSION['firstname'] = $row['firstname']; 
        $_SESSION['lastname'] = $row['lastname']; 
        $_SESSION['address'] = $row['address'];

My logout code:

PHP Code:


			
<?php

// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}

// Finally, destroy the session.
session_destroy();



echo '<META HTTP-EQUIV="Refresh" Content="0; URL=login.php">';   
?>

mlseim · 09-22-2011, 08:05 PM

Try this ... I'm sort of guessing ...

PHP Code:


			
<?php
session_start();

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}

// Finally, destroy the session.
if(session_start()){  
session_destroy();
}

header("location: login.php");

?>

.

amcf1992 · 09-22-2011, 08:39 PM

I tried that, yet it is still not destroying the session variables

mlseim · 09-22-2011, 08:44 PM

Try this ... the most basic, just to see if that works.

PHP Code:


			
<?php
session_start();

if(session_start()){  
session_destroy();
}

header("location: login.php");
?>

.

amcf1992 · 09-22-2011, 08:47 PM

I just tried that, yet no luck

mlseim · 09-22-2011, 08:54 PM

I'm stumped.

Wanna · 09-23-2011, 01:14 PM

PHP Code:


			
session_destroy();

$_SESSION = array();

If this don't work (I doubt that it works) try to enable error's

PHP Code:


			
error_reporting(E_ALL);

ini_set('display_errors','On');

Time Sheep · 09-23-2011, 08:34 PM

You need to unset the variables...

PHP Code:


			
session_start();
session_unset();
session_destroy();