PHP sessions won't destroy

Question

I'm experiencing problems when trying to destroy sessions they seem to be destroyed,

but if I click the back button the variables return, as regions of the page that should be hidden become visible again,

this part of the site is for administration The front part of the site also has a login but this does not occur

The admin part's index page is in a subfolder, I have a file called notLoggedIn.php, that I include on pages I want to lock administrator out of,notLoggedIn.php tests for the existence of a session that is set on loggin

when I logout, click the back button this actually works, it redirects me back to the admin index but, now it displays my username again and then I can't log back in???

I've tried

 $_SESSION = array()

if (isset($_COOKIES[session_name()])) { 
$params = session_get_cookie_params();
setcookie(session_name(), '', 1, $params['path'], $params['domain'], $params['secure'], isset($params['httponly']));
}
session_destroy()

Unsseting sessions by name

As I said this doesn't happen to the other part of the site...any suggestions?

Answer 1

Does this occur when you refresh the page? My first though would be you are seeing a page cached by the browser. Try adding this to your pages when/after the user logs in:

header('Cache-Control: no-cache, no-store, must-revalidate');

Answer 2

Sometimes the problem is that session_start() is forgotten before calling session_destroy().

Answer 3

Browser may cache whole page's html and just display page from local memory w/o even sending request, not to mention executing php script on server.

It's about caching, which is affected among other things by type of request (GET/POST).

Answer 4

Thanks for your time guys but it seems that was a WAMP issue
Once I used MAMP, or uploaded live, so far, this issues haven't arisen.

Thanks again