my logout.php looks like this <code> session_start(); session_register("SESSION"); //these 2 things have to be on every page right? require ('validate_session.php'); //does compare $PHPSESSID and the sessid i have in every url
// start of validate_session.php <? header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); if($id != $PHPSESSID) { session_destroy(); setcookie ("cookie", "", time() - 32436000); echo"<SCRIPT LANGUAGE=\"JavaScript\"><!--\n document.location.href = '/test/auth.php'; \n /--></script>"; exit; } ?> // end of validate_session.php session_destroy(); session_unregister("SESSION"); session_unset("SESSION"); session_write_close(); </code> but the session wont leave. i can browse to other sides, but i can comeback later, and i get the same session id... what is wrong? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]