log out function not killing session

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
Obadiah
Forum Regular
Posts: 580
Joined: Mon Jul 31, 2006 9:13 am
Location: Ashland, KY
Contact:

log out function not killing session

Post by Obadiah »

ok so ive got the user loggd in....however when i use

Code: Select all

function clearsessionscookies() 
{ 
    unset($_SESSION['auth']); 
    unset($_SESSION['logname']); 
	$_COOKIE[auth]=="0";
    session_unset();     
    session_destroy(); 
}
attach it to an a tag:

Code: Select all

<a class=\"Logout\" href=\"index.php?action=logout\">
and refer to it later on in the code by

Code: Select all

if ( isset($_GET['action']) && 'logout'===$_GET['action'] ) { 
        clearsessionscookies(); 
} 
it does not work correctly...the page at logout is set to go back to the login screen but if i hit the back button it allows the user back in instead of a "expired" or page cannot be displayed. can anyone assist me with this please! :banghead:
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Re: log out function not killing session

Post by s.dot »

this should do the trick..

Code: Select all

//kill the session cookie
if(isset($_COOKIE[session_name()]))
{
	setcookie(session_name(), '', time()-42000, '/');
}

//destroy the session
if(!empty($_SESSION))
{
	session_destroy();
}

//set session to an empty array
$_SESSION = array();
Remember, you also have to call session_start(); somewhere before this code (if you don't already)
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
Obadiah
Forum Regular
Posts: 580
Joined: Mon Jul 31, 2006 9:13 am
Location: Ashland, KY
Contact:

Re: log out function not killing session

Post by Obadiah »

thanks bro...that did the trick of killing the cookie...none of the user info shows up after implementation when i hit the back button....however, is there a way to get that ("webpage has expired") message page you get on other sites when you try to hit the back button after login?
phu
Forum Commoner
Posts: 61
Joined: Tue Mar 30, 2010 6:18 pm

Re: log out function not killing session

Post by phu »

Sure there is: Check for where the user is coming from and whether the session would otherwise be active. ;)

It's a pretty arbitrary thing, whether your site expects a user that's new or one that's just logged out.
Post Reply