logout script not working

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
suthie
Forum Commoner
Posts: 68
Joined: Sat Jun 09, 2007 10:46 am

logout script not working

Post by suthie »

this seems like it should work:

Code: Select all

<?php
//log out//
$_SESSION = array();
header('Location: frame.php');
?>
it does the redirect thing, but the session is not cleared. it still remembers that i am logged in.

what is wrong?
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

Code: Select all

session_write_close();
right before the redirect should work
suthie
Forum Commoner
Posts: 68
Joined: Sat Jun 09, 2007 10:46 am

Post by suthie »

this is really weird. it still isn't logging me out.

the page it redirects to checks to see if you are logged in. here is the code on the other page. maybe that has something to do with it.

Code: Select all

<?php
session_start();
$areyouin = isset($_POST['areyouin']) ? $_POST['areyouin'] : $_SESSION['areyouin'];
$user = isset($_POST['user']) ? $_POST['user'] : $_SESSION['user'];
if($areyouin != false){

...stuff...

}
?>
does that change anything? it is part of an included file that checks to see if you are logged in every time u go to another page
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

post the code exactly how it is
User avatar
Burrito
Spockulator
Posts: 4715
Joined: Wed Feb 04, 2004 8:15 pm
Location: Eden, Utah

Post by Burrito »

how about unset()
suthie
Forum Commoner
Posts: 68
Joined: Sat Jun 09, 2007 10:46 am

Post by suthie »

here is the logout code:

Code: Select all

<?php
//log out//
$_SESSION = array();
session_write_close();
unset($_SESSION['user'],$_SESSION['areyouin']);
header('Location: http://penguinflash.justfree.com/frame.php');
?>
here is the code for the page "frame.php":

Code: Select all

<html>
<head>
<title>myVIBE</title>
<body background="images/pagebkg.png">
<?php
session_start();
$areyouin = isset($_POST['areyouin']) ? $_POST['areyouin'] : $_SESSION['areyouin'];
$user = isset($_POST['user']) ? $_POST['user'] : $_SESSION['user'];
if($areyouin != false){
?>
<iframe name="theframe" width=395 height=430 border=0 frameborder=0 src="http://penguinflash.justfree.com/check.php" style="position: absolute; top: 53px;">
</iframe>
<a href="http://penguinflash.justfree.com/home.php" target="theframe">
<img src="images/button_home.png" style="position:absolute; top:0px; left:322px;" border=0></a>
<table style="position:absolute; top:494px; left:140px;" width=260><tr><td>
<font color=#ffffff><b><div align="right">you are logged in as
<?php
echo $user;
?>
 - <a href="logout.php" target="_top"><font color=#ffffff><u>logout</u></font></a>
</div></b></font>
</td></tr></table>
<?php 
}else{
?>
<iframe name="theframe" width=395 height=430 border=0 frameborder=0 src="http://penguinflash.justfree.com/check.php" style="position: absolute; top: 53px;">
</iframe>
<a href="http://penguinflash.justfree.com/login.html" target="theframe">
<img src="images/button_home.png" style="position:absolute; top:0px; left:322px;" border=0></a>
<table style="position:absolute; top:494px; left:200px;" width=200><tr><td>
<font color=#ffffff><b><div align="right">you are not logged in.</div></b></font>
</td></tr></table>
<?php
}
?>
</body>
</html>
User avatar
webgroundz
Forum Commoner
Posts: 58
Joined: Thu Jun 21, 2007 1:20 am
Location: Philippines

Post by webgroundz »

borrito is right,

use

Code: Select all

unset()
or

Code: Select all

session_destroy()
because you are using

Code: Select all

$_SESSION = array();
i think it is advisable to use

Code: Select all

session_destroy()
after unset the session.

thanks...


:) :) :)
suthie
Forum Commoner
Posts: 68
Joined: Sat Jun 09, 2007 10:46 am

Post by suthie »

that sounds like it should work... but it still doesn't :(

this is the code now:

Code: Select all

<?php
//log out//
unset($_SESSION['user'],$_SESSION['areyouin']);
session_destroy();
header('Location: http://penguinflash.justfree.com/frame.php');
?>
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

Per the manual....

Code: Select all

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (isset($_COOKIE[session_name()])) {
    setcookie(session_name(), '', time()-42000, '/');
}

// Finally, destroy the session.
session_destroy();
User avatar
webgroundz
Forum Commoner
Posts: 58
Joined: Thu Jun 21, 2007 1:20 am
Location: Philippines

Post by webgroundz »

I think in your logout button there should be a parameter that will redirect to your page where you start the session,

for ex:

http:://www.mysite.com/index.php?logout=true

Code: Select all

if(isset($_REQUEST['logout'])=='true')
{
   unset($_SESSION);
}
else
{
//this should be the statement for your login.php
}
try this...thanks

:) :) :)
suthie
Forum Commoner
Posts: 68
Joined: Sat Jun 09, 2007 10:46 am

Post by suthie »

it works!! thank you much
User avatar
webgroundz
Forum Commoner
Posts: 58
Joined: Thu Jun 21, 2007 1:20 am
Location: Philippines

Post by webgroundz »

astion is right,

you get my point men, :) ..that's the manual said.
User avatar
webgroundz
Forum Commoner
Posts: 58
Joined: Thu Jun 21, 2007 1:20 am
Location: Philippines

Post by webgroundz »

no problem.,thanks also.. :) :) :)
Post Reply