I have research a lot and I have yet to find the solution to my problem. I clik a link for the user to logout the user then is redirected to the login page. The problem is that when the user is redirected it still logged in. This is my code to logout the user.
session_start();
$_SESSION = array(); //destroy all of the session variables
unset($_SESSION['valid']);
unset($_SESSION['userid']);
unset($_SESSION['username']);
session_destroy();
Header("Location:login.php");
exit;
}
Make sure that both login and logout page's subdomains are the same
as the session's cookie is domain based by default unless you change that.
session_set_cookie_params ( int $lifetime [, string $path [, string $domain [, bool $secure = false [, bool $httponly = false ]]]] )
i faced similar problem and yes, i found that my cookies are set; so simply adding following code helped me to get rid of it:
if(isset($_COOKIE[session_name()])):
setcookie(session_name(), '', time()-7000000, '/');
endif;
