Like This
foreach ($_SESSION as $key => $value){
session_unregister($key);
}Chris W. Parker wrote:
Hello,
PHP 4.2.2
I'm working on a cart program right now and I can't properly log the user out. The only way I've been able to get a different session id is by closing all browser windows and reloading the site.
Scenario:
I go the site I'm working on and click the login page. I have 'echo session_id();' in the login page so I can see the session id. I fill in my username and password and click "login". I'm then sent to a processing page that actually fills in the session variable with some data (i.e. username, session id, security level, etc.). I then redirect back to the login page with header("Location: login.php");.
Now that I'm back at the login page I still see my session id (and as expected it is the same). Then I click "logout" and am taken to a logout page. The logout page is as follows:
<? // start the customers session session_start();
session_destroy(); setcookie("user_info","",(time()-3600),"/"); header("Location: {$_SERVER["HTTP_REFERER"]}"); exit; ?>
Here is another version of the same file that I've tried using:
<? // start the customers session session_start();
session_unset(); session_destroy();
header("Location: {$_SERVER["HTTP_REFERER"]}"); exit; ?>
As far as I have been able to find out (by surveying other people and RTFM'ing) I'm doing it correctly, but for some it's just not working.
After I click logout I would expect to be sent back to the login page and see a different session id displayed, but instead I'm presented with the same session id. The only way I can get a different session id is by closing all the browser windows and starting over.
Anyone have any ideas?
Thanks, Chris.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
