Session_destry() not destroying the session

reisve · May 31, 2013, 12:30pm

Hi

I hve a page with sessions. They work and I get it doing what is suposed to. However, I heve a link to destroy the session (logout) mas the user stays logedin. The script I cal from the logout link is this:

[php]

<?php session_destroy(); header("Location: index.php"); ?>

[/php]

Can someone help me out with this?

fastsol · May 31, 2013, 8:52pm

You need to have a session_start(); on the page first to be able to destroy the current session vars.

reisve · June 1, 2013, 8:42am

I do have a seesion_start() before

fastsol · June 1, 2013, 12:18pm

It’s not in the code you showed.

reisve · June 1, 2013, 12:33pm

It is on another module which is called right at the beginning of the page. This is just the logout code

fastsol · June 1, 2013, 1:14pm

You must have something that is overwriting the destroy then. Just send you logout link to a dedicated page and only have the logout code in there, then redirect to the index.
[php]

<?php session_start(); session_destroy(); header('Location: index.php'); exit; ?>

[/php]

reisve · June 1, 2013, 1:40pm

Your code does the same. The vars in the session still there.

fastsol · June 1, 2013, 2:04pm

What specific vars are you trying to get rid of? Certain vars will always reappear once you redirect to a page that has a session_start() on it cause it’s starting a new session. Any session vars that you have defined in the site should be reset on logout but again may reappear if you are defining them upon page load and not via a login script of something.

reisve · June 1, 2013, 2:42pm

First name

last name

loggedin = “YES”

reisve · June 1, 2013, 2:46pm

I’m defining them trough login:

[php]

<?php include "lib/configuration.php"; include "language/frontend/portuguese.php"; include "templates/frontend/header.tpl"; if ($_POST) { $f_user = $_POST['user']; $f_pass = $_POST['pass']; $cryptpass = md5($f_pass); $link = mysqli_connect($host, $user, $pass, $db); /* check connection */ if (mysqli_connect_errno()) { echo ""; echo "

" . $error['dbconnection'] . "

"; exit(); } $query = "SELECT * FROM users"; if ($result = mysqli_query($link, $query)) { if (mysqli_errno($link)) { echo ""; echo "

" . $logerror['query'] . "

"; } else { /* fetch associative array */ while ($row = mysqli_fetch_assoc($result)) { $c_fname = $row['first_name']; $c_lname = $row['last_name']; $c_user = $row['c_user']; $c_pass = $row['c_pass']; if ($f_user == $c_user AND $cryptpass == $c_pass) { $_SESSION['logedin'] = "YES"; $_SESSION['first_name'] = $c_fname; $_SESSION['last_name'] = $c_lname; echo ""; } } echo ""; echo "

" . $loginerror['login'] . "

"; } } /* free result set */ mysqli_free_result($result); /* close connection */ mysqli_close($link); } else { include "templates/frontend/loginspace.tpl"; include "templates/frontend/registerlogin.tpl"; include "templates/frontend/searchspace.tpl"; include "templates/frontend/search.tpl"; include "templates/frontend/hmenuspace.tpl"; include "templates/frontend/menubar.tpl"; include "templates/frontend/leftspace.tpl"; include "templates/frontend/leftside.tpl"; include "templates/frontend/contentspace.tpl"; include "templates/frontend/login.tpl"; include "templates/frontend/rightspace.tpl"; include "templates/frontend/rightside.tpl"; include "templates/frontend/footerspace.tpl"; include "templates/frontend/footerdiv.tpl"; include "templates/frontend/footer.tpl"; } ?>

[/php]

and the session start is on the include "lib/configuration.php"; among some other things