Problem with logout

Forum Moderators: coopster

Message Too Old, No Replies

Problem with logout

Logout and session variables

sjen

2:16 am on May 22, 2005 (gmt 0)

I am using the following code which executes when ‘log out’ link is clicked:

<?php

unset($_SESSION['company_id']);
unset($_SESSION['company_type']);
unset($_SESSION['username']);
unset($_SESSION['password']);

$attributes["company_id"] = '';
$attributes["company_type"] = '';
$attributes["username"] = '';
$attributes["password"] = '';

// kill session variables

$_SESSION = array(); // reset session array
session_destroy(); // destroy session.
header('Location: index.php?method=logiMain.default');
?>

However, after the login screen is display and I click back on the browser, the session variables still exist.

Please help.

Timotheos

4:26 am on May 22, 2005 (gmt 0)

Are you sure this is not your browser caching the page? What happens when you refresh?

sjen

2:50 pm on May 22, 2005 (gmt 0)

I've tried refreshing:

1. login
2. the session variables are created
3. logout
4. click back
5. refresh
6. the session variables still exist

sjen

3:33 pm on May 22, 2005 (gmt 0)

not sure whether this is the right fix, but i have to expire the PHPSESSID cookie by adding the following code to the above logout script, which cleared up my session variables too:

setcookie ("PHPSESSID", "", time() - 3600);

i want to get away from using cookies, and tried by setting the following in php.ini

session.use_cookies = 1

but then my script stopped working, with none of the session variables set. what is the right way to set and delete session variables while not using cookies?