[SOLVED] session_unregister() will not work

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
melindaSA
Forum Commoner
Posts: 99
Joined: Thu Oct 02, 2003 7:34 am

[SOLVED] session_unregister() will not work

Post by melindaSA »

I have a problem the following code, the login works great, but the session_unregister will not work. If I do not close my browser after logging out of level_one, and then login using level_two, I still get the results for the level_one login.

Code: Select all

<?php


$target=$_SERVER["PHP_SELF"];
include("common.php");
if (isset($_SESSION['level'])) {
                if (isset($logout)){
                        session_unregister("level");
                }else{
                   echo"
                        <form name=form1 method=post action=assets/login.php>
                                <table border=0 cellspacing=0 cellpadding=0 class=content>
                                        <tr>
                                                <td >
                                                <input name=logout type=hidden value=logout>

                                                <input name=submit type=image src=logout.gif  border=0 >
                                                </td>
                                        </tr>
                                </table>
                        </form>";
                }
        } 
if (!isset($_SESSION['level'])) {
        if (isset($username)){
                $query = "SELECT level FROM users WHERE username='$username' AND password='$password'" or die("Wrong Password"); 
                $sql_results = mysql_query($query,$connection);
                        while ($row = mysql_fetch_array($sql_results)) {
                                $level = $row['level'];
                                        session_register("level");
                        }
        }
        if (isset($_SESSION['level'])) {
                   echo"
                        <form name=form1 method=post action=assets/login.php>
                                <table border=0 cellspacing=0 cellpadding=0 class=content>
                                        <tr>
                                                <td >
                                                <input name=logout type=hidden value=logout>

                                                <input name=submit type=image src=logout.gif  border=0 >
                                                </td>
                                        </tr>
                                </table>
                        </form>";
        }else{
                echo"
                        <form name=form1 method=post action=../page1_login.php>
                                <table border=0 cellspacing=0 cellpadding=0 class=content>
                                        <tr>
                                                <td>username:</td>
                                        </tr>
                                        <tr>
                                                <td><input type=text name=username class=form></td>
                                        </tr>
                                        <tr>
                                                <td>password:</td>
                                        </tr>
                                        <tr>
                                                <td><input type=text name=password class=form></td>
                                        </tr>
                                        <tr>
                                                <td align=right><input type=hidden value=1 name=reload>
                                                <input name=submit type=image src=go.gif  border=0 ></td>
                                        </tr>                                
                                </table>
                        </form>";
        }
} 

?>
I would really appreciate some help!
Thank you!
User avatar
markl999
DevNet Resident
Posts: 1972
Joined: Thu Oct 16, 2003 5:49 pm
Location: Manchester (UK)

Post by markl999 »

You shouldn't mix $_SESSION with the session_* functions (apart from session_start, session_destroy).
Try using unset($_SESSION['level']) instead of session_unregister("level");
melindaSA
Forum Commoner
Posts: 99
Joined: Thu Oct 02, 2003 7:34 am

Post by melindaSA »

Thanks for the quick reply!

I tried using unset($_SESSION['level']); and it still will not close the session....
User avatar
markl999
DevNet Resident
Posts: 1972
Joined: Thu Oct 16, 2003 5:49 pm
Location: Manchester (UK)

Post by markl999 »

Well unless you have register_globals On (and you shouldn't, a phpinfo() page will tell you) you should be using $_POST['logout'] instead of $logout, same applies to the other form vars, like username and password.

Also, you can just destroy the entire session with session_destroy() rather than just unset the login session var.
melindaSA
Forum Commoner
Posts: 99
Joined: Thu Oct 02, 2003 7:34 am

Post by melindaSA »

I will make sure that I use I use $_POST[] from now on...learn something new everyday! I tried $_POST['logout'] and session_destroy, and the session still will not close!!
melindaSA
Forum Commoner
Posts: 99
Joined: Thu Oct 02, 2003 7:34 am

Post by melindaSA »

I got it working, by making a seperate logout page...

Code: Select all

<?php

// logout.php

// you must start session before destroying it
session_start();
session_destroy();

echo "You have been successfully logged out.

<br><br>
You will now be returned to the login page.

<META HTTP-EQUIV="refresh" content="2; URL=login.php"> ";


?>
Thank you!
User avatar
tim
DevNet Resident
Posts: 1165
Joined: Thu Feb 12, 2004 7:19 pm
Location: ohio

Post by tim »

call me picky, but i think the proper way is:

Code: Select all

<?php
session_start(); 
session_destroy(); 
$_SESSION = array(); 
?>
melindaSA
Forum Commoner
Posts: 99
Joined: Thu Oct 02, 2003 7:34 am

Post by melindaSA »

OK! Thanks!
Elessar
Forum Newbie
Posts: 15
Joined: Tue Jun 15, 2004 11:17 am

Post by Elessar »

Found this at the php.net page:
Only This works with register_globals being 'ON'.

unset( $_SESSION['variable'] );

The above will not work with register_globals turned on (will only work outside of a function).

$variable = $_SESSION['variable'];
unset( $_SESSION['variable'], $variable );

The above will work with register_globals on & inside a function
So, if you have regiser_globals on, unset($_SESSION['variable') won't work. Might as well try $_SESSION['variable'] = '' instead
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

the best way to destroy a session is $_SESSION = array();

edit - oops tim already said this
Post Reply