Why Can I not end a session

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
simonslater
Forum Newbie
Posts: 3
Joined: Wed May 06, 2009 10:24 pm

Why Can I not end a session

Post by simonslater »

I understand the basic concept behind ending a session which is:

Code: Select all

 
session_start();
session_unset();
session_destroy();
 
The problem is, that this does not work. Why is this? here is the code I have so far:
 
function restricted($logout)
    {
        require_once('db_login.php');   
        if($logout=='logout'){
            echo "logout code here";
            session_start();
            session_unset();
            session_destroy();
            echo "session is".session_is_registered();
        }else{
    
                session_start();
            
            
            if (empty($_SESSION['user_id']))
            {
                if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
                {
                    header('WWW-Authenticate: Basic realm="Member Area"');
                    header("HTTP/1.0 401 Unauthorized");
                    echo "You must enter a username and password.";
                    exit;
                }
        
            //connect to db
            vanstand_connect('localhost', 'Vstand', 'root', '');
        
            $web_username = mysql_real_escape_string($_SERVER['PHP_AUTH_USER']);
            $web_password = mysql_real_escape_string($_SERVER['PHP_AUTH_PW']);
        
        
            $query = "SELECT user_id, username";
            $query.= " FROM users WHERE ";
            $query.= "username='".$web_username."' AND password='".$web_password."' LIMIT 1";
            $result = mysql_query($query);
            if(!$result)
            {
                die("Cannot query: <br />".mysql_error());
            }
            if (!$result_row = mysql_fetch_array($result, MYSQL_ASSOC))
            {
                header('WWW-Authenticate: Basic realm="Member Area"');
                header("HTTP/1.0 401 Unauthorized");
                echo "Your username and password combination was incorrect.";
                exit;
            }
            $_SESSION['user_id'] = $result_row['user_id'];
            $_SESSION['username'] = $result_row['username'];
            
        }
        
            if (empty($_SESSION['user_id']))
            {
            echo "empty";
            }
        $value = $_SESSION['username'];
        setcookie("MoverCookie",$value);
        echo "Welcome <b>".$_SESSION['username'].'</b>.';
        mysql_close($connection);
        }
    }
 
The login in part works fine however destroying session does not. Any help on this seemingly simple matter would be terrific.

Thanks Simon Slater
Last edited by Benjamin on Thu May 07, 2009 1:34 am, edited 1 time in total.
Reason: Added [code=php] tags.
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Re: Why Can I not end a session

Post by John Cartwright »

There are a few quirks making session_unset() and session_destroy() unreliable. Your best bet is to simply overwrite the session array, instead of eliminating the actual session.

Code: Select all

if($logout=='logout'){
   echo "logout code here";
   session_start();
   $_SESSION = array();
}else{
   //
}
And please use the proper in the future when posting please.
Post Reply