Page 1 of 1

session destroy for logout not removing row from mysql db

Posted: Sat Mar 13, 2004 7:13 pm
by anjanesh
I have this in login.php

Code: Select all

session_module_name("user");
session_set_save_handler("session_open","session_close","session_read","session_write","session_remove","session_gc");
session_start();
header("Location:MemberPage.php");
This worked fine - the session id etc is stored in the databse.
session_open,session_close,session_read,session_write,session_remove,session_gc functions are defined.

I have this in MemberPage.php
<a href="logout.php">Logout</a>

I have this in logout.php

Code: Select all

session_destroy();
But it gives this warning and the row (session id) stil remains in the databse.

Warning: session_destroy(): Trying to destroy uninitialized session in c:\inetpub\wwwroot\vlb\vlbjcas\logout.php on line 8

Giving this in the logout.php page also does not

Code: Select all

session_module_name("user");
session_set_save_handler("session_open","session_close","session_read","session_write","session_remove","session_gc");

How do I rectify this error ?

Thanks

Re: session destroy for logout not removing row from mysql d

Posted: Sun Mar 14, 2004 9:14 am
by scorphus
Hello anjanesh, greetings from Brazil!
anjanesh once wrote:Warning: session_destroy(): Trying to destroy uninitialized session in c:\inetpub\wwwroot\vlb\vlbjcas\logout.php on line 8
You have to initialize the section before you can destroy it. Try to add this line to logout.php:

Code: Select all

session_start();
session_destroy();
Hope that helps,
Scorphus.

Posted: Sun Mar 14, 2004 12:44 pm
by anjanesh
session_start is already initialized in login.php
If I have session_start again in logout.php it gives headers already sent

Posted: Sun Mar 14, 2004 12:47 pm
by d3ad1ysp0rk

Code: Select all

<?PHP 
session_start();
session_destroy();
echo "You are logged out!";
?>
copy that exact code into logout.php and tell us what it does

Posted: Mon Mar 15, 2004 12:50 am
by anjanesh
This is what happened when I gave session_start() in logout.php :

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at C:\Program Files\Apache Group\Apache2\htdocs\vlbjcas\logout.php:6) in C:\Program Files\Apache Group\Apache2\htdocs\vlbjcas\logout.php on line 10

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at C:\Program Files\Apache Group\Apache2\htdocs\vlbjcas\logout.php:6) in C:\Program Files\Apache Group\Apache2\htdocs\vlbjcas\logout.php on line 10

You are logged out!

session_start() is there in login.php which works successfully. On login it redirects to memberpage.php using header fn. In memberpage.php & all other php scripts after login I get the session id using $PHPSESSID. In memberpage.php there is a link to logout.php where I have given session_destroy() but does not get rid of the row created in the mysql table.

Posted: Mon Mar 15, 2004 1:30 am
by RadixDev
As you would probably know the below error normally means that you have either printed a text onto the page or used header() function:

Code: Select all

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at C:\Program Files\Apache Group\Apache2\htdocs\vlbjcas\logout.php:6) in C:\Program Files\Apache Group\Apache2\htdocs\vlbjcas\logout.php on line 10
The following code to destroy a sessoin might work (make sure that logout.php file starts with this code:

Code: Select all

<?php
session_start();
session_destroy();
session_unset('VARIABLE1');
session_unset('VARIABLE2');
// and so on
// or use unset($_SESSION['VARIABLE1']);
?>

Posted: Mon Mar 15, 2004 6:31 am
by anjanesh
session_start() is already started in login.php.
A session_start() when a session id is already present in the browser would give the headers sent etc error.

Code: Select all

session_destroy();
echo "You are logged out!";
session_unregister($PHPSESSID);
print($PHPSESSID.'<br>'.$str);
Warning: session_destroy(): Trying to destroy uninitialized session in C:\Program Files\Apache Group\Apache2\htdocs\vlbjcas\logout.php on line 13
You are logged out!8ff6cbec2a946fe7fa977c3269914b06

See here ? $PHPSESSID still exits when I already tried to destroy it.

Posted: Mon Mar 15, 2004 6:37 am
by anjanesh
This is what login.php contains : the use defined fns write, remove rows etc from the table which is correct (sql syntax)

Code: Select all

<?php
session_module_name("user");
session_set_save_handler("session_open","session_close","session_read","session_write","session_remove","session_gc");
session_start();
header("Location:MemberPage.php");

function session_open($path,$name)...
function session_close()...
function session_read($id)...
function session_write($id,$data)...
function session_remove($id)...
function session_gc($life)...
?>
In MemberPage.php you got things like update your profile where I use $PHPSESSID to identify the user.
In MemberPage.php you got a link to logout.php.

In logout.php all I need is to remove the session id.
Thanks

Posted: Mon Mar 15, 2004 7:44 am
by anjanesh
Ok guys this did not complain :

Code: Select all

<?php
session_module_name("user");
session_set_save_handler("session_open","session_close","session_read","session_write","session_remove","session_gc");
session_start();
session_unset($PHPSESSID);
unset($PHPSESSID);
session_destroy();
header("Location:index.htm");
?>
All those session_read(), session_remove() are there.

It removed the row from the table. But $PHPSESSID still contains the same old session id.