Page 1 of 1

logout script not working

Posted: Thu Jul 19, 2007 5:05 pm
by suthie
this seems like it should work:

Code: Select all

<?php
//log out//
$_SESSION = array();
header('Location: frame.php');
?>
it does the redirect thing, but the session is not cleared. it still remembers that i am logged in.

what is wrong?

Posted: Thu Jul 19, 2007 5:07 pm
by John Cartwright

Code: Select all

session_write_close();
right before the redirect should work

Posted: Thu Jul 19, 2007 5:13 pm
by suthie
this is really weird. it still isn't logging me out.

the page it redirects to checks to see if you are logged in. here is the code on the other page. maybe that has something to do with it.

Code: Select all

<?php
session_start();
$areyouin = isset($_POST['areyouin']) ? $_POST['areyouin'] : $_SESSION['areyouin'];
$user = isset($_POST['user']) ? $_POST['user'] : $_SESSION['user'];
if($areyouin != false){

...stuff...

}
?>
does that change anything? it is part of an included file that checks to see if you are logged in every time u go to another page

Posted: Thu Jul 19, 2007 5:30 pm
by John Cartwright
post the code exactly how it is

Posted: Thu Jul 19, 2007 5:57 pm
by Burrito
how about unset()

Posted: Thu Jul 19, 2007 7:21 pm
by suthie
here is the logout code:

Code: Select all

<?php
//log out//
$_SESSION = array();
session_write_close();
unset($_SESSION['user'],$_SESSION['areyouin']);
header('Location: http://penguinflash.justfree.com/frame.php');
?>
here is the code for the page "frame.php":

Code: Select all

<html>
<head>
<title>myVIBE</title>
<body background="images/pagebkg.png">
<?php
session_start();
$areyouin = isset($_POST['areyouin']) ? $_POST['areyouin'] : $_SESSION['areyouin'];
$user = isset($_POST['user']) ? $_POST['user'] : $_SESSION['user'];
if($areyouin != false){
?>
<iframe name="theframe" width=395 height=430 border=0 frameborder=0 src="http://penguinflash.justfree.com/check.php" style="position: absolute; top: 53px;">
</iframe>
<a href="http://penguinflash.justfree.com/home.php" target="theframe">
<img src="images/button_home.png" style="position:absolute; top:0px; left:322px;" border=0></a>
<table style="position:absolute; top:494px; left:140px;" width=260><tr><td>
<font color=#ffffff><b><div align="right">you are logged in as
<?php
echo $user;
?>
 - <a href="logout.php" target="_top"><font color=#ffffff><u>logout</u></font></a>
</div></b></font>
</td></tr></table>
<?php 
}else{
?>
<iframe name="theframe" width=395 height=430 border=0 frameborder=0 src="http://penguinflash.justfree.com/check.php" style="position: absolute; top: 53px;">
</iframe>
<a href="http://penguinflash.justfree.com/login.html" target="theframe">
<img src="images/button_home.png" style="position:absolute; top:0px; left:322px;" border=0></a>
<table style="position:absolute; top:494px; left:200px;" width=200><tr><td>
<font color=#ffffff><b><div align="right">you are not logged in.</div></b></font>
</td></tr></table>
<?php
}
?>
</body>
</html>

Posted: Thu Jul 19, 2007 7:28 pm
by webgroundz
borrito is right,

use

Code: Select all

unset()
or

Code: Select all

session_destroy()
because you are using

Code: Select all

$_SESSION = array();
i think it is advisable to use

Code: Select all

session_destroy()
after unset the session.

thanks...


:) :) :)

Posted: Thu Jul 19, 2007 7:30 pm
by suthie
that sounds like it should work... but it still doesn't :(

this is the code now:

Code: Select all

<?php
//log out//
unset($_SESSION['user'],$_SESSION['areyouin']);
session_destroy();
header('Location: http://penguinflash.justfree.com/frame.php');
?>

Posted: Thu Jul 19, 2007 7:38 pm
by Benjamin
Per the manual....

Code: Select all

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (isset($_COOKIE[session_name()])) {
    setcookie(session_name(), '', time()-42000, '/');
}

// Finally, destroy the session.
session_destroy();

Posted: Thu Jul 19, 2007 7:39 pm
by webgroundz
I think in your logout button there should be a parameter that will redirect to your page where you start the session,

for ex:

http:://www.mysite.com/index.php?logout=true

Code: Select all

if(isset($_REQUEST['logout'])=='true')
{
   unset($_SESSION);
}
else
{
//this should be the statement for your login.php
}
try this...thanks

:) :) :)

Posted: Thu Jul 19, 2007 7:40 pm
by suthie
it works!! thank you much

Posted: Thu Jul 19, 2007 7:41 pm
by webgroundz
astion is right,

you get my point men, :) ..that's the manual said.

Posted: Thu Jul 19, 2007 7:45 pm
by webgroundz
no problem.,thanks also.. :) :) :)