Using session_destroy to logout

Forum Moderators: coopster

Message Too Old, No Replies

Using session_destroy to logout

FayeN

10:17 pm on Nov 3, 2003 (gmt 0)

I am designing an electronic voting system with PHP, mysql and apache. When you first login you have options to login as administrator or user. Say for example you login as user and then you do user things. But if you hit the back button all the way back to the point where you can log on as a administrator or user and you hit administrator it does not ask for login info because you have already logged in as user, so it is still assuming you are logged in even though user ID is not the same for adminstrator id and password. I am trying to end the session but am not sure of how to code this. I have a logout button but it is not ending the session.

Any suggestions?

bobnew32

10:45 pm on Nov 3, 2003 (gmt 0)

session_destroy()

~bob

FayeN

11:53 pm on Nov 3, 2003 (gmt 0)

how would I write the code for example
if button is clicked, then session_destroy

bobnew32

4:20 am on Nov 4, 2003 (gmt 0)

make a standard button code in a form, and name the button submit.

<?php

if(isset($submit))
{
session_destroy();
}

very simple, it can be called at any time. Like if you have in your url a variable called $logout=true

<?php

if($_GET['logout']=='true')
{
session_destroy();
}

dreamcatcher

6:59 am on Nov 4, 2003 (gmt 0)

I`m not sure if its totally necessary, but it might also be a good idea to call session_unset(), this clears the session variables before the session is destroyed.

session_unset();
session_destroy();

in an earlier version of PHP (I think before 4.0) you can just use unset().

unset();

Maybe some of the other guys can clear up using session_unset().

jatar_k

4:24 pm on Nov 4, 2003 (gmt 0)

session_destroy [ca.php.net]

session_destroy() destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session, or unset the session cookie.

session_unset [ca.php.net]

The session_unset() function frees all session variables currently registered

Caution:

Do NOT unset the whole $_SESSION with unset($_SESSION) as this will disable the registering of session variables through the $_SESSION superglobal.

If you look at the example for destroy they show to use unset first then destroy.