Trouble logging out / destroying session

Question

Im having trouble destroying my session on a little test-side that i made.

I can log in from my code_login.php file, and header() to my other page, where login is required. But when i log out, sometimes can go back to that page even though i logged out.

(session_start() is at the top of all my pages)

This is my login code:

$res = $db->query($sql);
$num = $res->num_rows;

if ($num == 1) {
    $_SESSION['user'] = array(
        'username' => $username;
    );
}

Here is the logout:

session_start();
$_SESSION = array();
session_destroy();
header('LOCATION: index.php?loggedOut');

This is the top of my page where login is required

session_start();
if (isset($_SESSION['user'])) {
    require some stuff;
} else {
    header('LOCATION: index.php?loginNeeded');
}

But still sometimes i am able to go back to the loginrequired page, after logging in.

This will probably bring you some joy http://stackoverflow.com/questions/3948230/best-way-to-completely-destroy-a-session-even-if-the-browser-is-not-closed — Matt, Jun 21 '14 at 12:13

score 0 · Answer 1 · answered Jun 21 '14 at 12:11

0

session_start();

is to be inserted on every page you set or unset session as well as for reading the session

data

answered Jun 21 '14 at 12:11

Ashish

332
1
8

Check if your browser support cookies & as well as your php.ini supports session using cookies – Ashish Jun 21 '14 at 12:12

fortune · Answer 2 · 2014-06-21T12:34:39.507

0

Add session_start(); at the top of the login code page:

session_start();
$res = $db->query($sql);
$num = $res->num_rows;

if ($num == 1) {
    $_SESSION['user'] = array(
        'username' => $username;
    );
}

edited Jun 21 '14 at 12:34

answered Jun 21 '14 at 12:16

fortune

3,361
1
20
30

Trouble logging out / destroying session

2 Answers2