SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Zealot
    Join Date
    Dec 2011
    Posts
    124
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Logout script not clearing $_session variables

    I'm trying to use this php to clear out the session variables and return to the index page. However it's not clearing them out. Any ideas?

    logout.php
    Code:
    <?php 
    	session_start();
            unset($_SESSION['user_id']);
            unset($_SESSION['username']);
    	session_destroy();
    	header("Location: http://aaronhaas.com/pitchshark6/index.php?vid_id=1"); 
    ?>
    then in my navigation I'm using this code to either display their username and a logout link to logout.php or if they are not logged in display a sign in link.

    Code:
    <?php
             // if logged in
    	if (isset($_SESSION['user_id'])) 
    	{
    		// display 
    		echo "<a href='#'>".$_SESSION['username']."</a>&nbsp; &nbsp;";
    		echo "<a href='scripts/logout.php'>Log Out</a>&nbsp; &nbsp;";
    	}
            // if not logged in
    	else
    	{      // display login link
    		echo "<a href='login.php'>Sign In</a>";
    	}
    ?>
    here is my super simple login script
    Code:
    $username = $_POST['username'];
    $password = $_POST['password'];
    			
    //Check if the username or password boxes were not filled in
    if(!$username || !$password){
    	//if not display an error message
    	echo "<center>You need to fill in a <b>Username</b> and a <b>Password</b>!</center>";
    }else{
    	// find user by username and password - working
    	$userQuery = 'SELECT * FROM users WHERE user_name ='.'"'. $username.'" AND password='.'"'. $password.'"' ; 
    	$users = mysql_query($userQuery);
    
    	$user = mysql_fetch_array($users);
    	$_SESSION['user_id'] = $user['user_id'];
    	$_SESSION['username'] = $user['username'];
    	header("Location: http://aaronhaas.com/pitchshark6/index.php?vid_id=1");
    	
    	}

  2. #2
    Always A Novice bronze trophy
    K. Wolfe's Avatar
    Join Date
    Nov 2003
    Location
    Columbus, OH
    Posts
    2,182
    Mentioned
    66 Post(s)
    Tagged
    2 Thread(s)
    Are you positive it is actually not clearing those session variables or is it possibly anothe rportion of your script that is failing. Do an echo of the session variables at the end of each script to make sure.

    O-H!

  3. #3
    SitePoint Evangelist
    Join Date
    May 2006
    Location
    Austin
    Posts
    401
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Make sure you have all error reporting on.

    I would use:

    session_start();
    unset($_SESSION);

    if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,$params["path"], $params["domain"],$params["secure"], $params["httponly"]);
    }

    session_destroy();
    Merchant Equipment Store - Merchant Services, POS, Equipment, and supplies.
    Merchant Account Blog | Ecommerce Blog

  4. #4
    Non-Member spaculus's Avatar
    Join Date
    Mar 2012
    Location
    Vadodara
    Posts
    13
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Put session_destroy(); at the right position after checking the result means checking all variable by echo and die.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •