Welcome to WebmasterWorld Guest from 54.166.224.46

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

Logoff function not redirecting as expected

     
8:43 pm on Jan 26, 2008 (gmt 0)

5+ Year Member



I have a logoff function that I use in my script


function logoff() {

// kill session variables
unset($_SESSION["user"]);
unset($_SESSION["pass"]);

session_destroy();
setcookie("user", NULL, time()-3600);
setcookie("pass", NULL, time()-3600);

// redirect them to anywhere you like.
header("Location: index.php");

}

I call it in the script like this with a link login.php?logoff


if (isset($_GET["logoff"]))
logoff();

When I am logged in it does log me off but does not redirect me to the index page as expected. if I use the same link and am not logged in it does redirect me to the index page. Any ideas as to what is wrong with it?

Thanks
Brandon

11:13 pm on Jan 26, 2008 (gmt 0)

5+ Year Member



I have same problem on godaddy windows hosting account. my logout script works fine in my local server but it does not work on godaddy. let me know if you host your site in godaddy.
12:36 pm on Jan 27, 2008 (gmt 0)

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member



my only thought is the path, maybe try an absolute instead of the relative index

header("Location: /index.php");

or even with the full domain

header("Location: http://www.example.com/index.php");

5:57 pm on Jan 27, 2008 (gmt 0)

5+ Year Member



When you do header redirects, there can be no prior data being outputted to the browser. Do an output of your headers and make sure there is nothing else going on. Even whitespace/blank lines/etc will cause errors.

[php.net...]

5:58 pm on Jan 27, 2008 (gmt 0)

5+ Year Member



I finally figured it out. The reason I was having an issue ended up there was other session variables that I did not unset so the working code I use is


function logoff() {

// kill session variables
unset($_SESSION["user"]);
unset($_SESSION["pass"]);
unset($_SESSION["logged_in"]);
unset($_SESSION["admin"]);

session_destroy();
setcookie("user", NULL, time()-3600);
setcookie("pass", NULL, time()-3600);

// redirect them to anywhere you like.
header("Location: index.php");

}

Is there a way to just unset all session variables? Will I have to update this every time I set a session parameter for the logout to redirect?

Thanks for your help

7:57 pm on Jan 27, 2008 (gmt 0)

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member



[php.net...]

ession_destroy() destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session, or unset the session cookie.

In order to kill the session altogether, like to log the user out, the session id must also be unset. If a cookie is used to propagate the session id (default behavior), then the session cookie must be deleted. setcookie() may be used for that.

8:30 pm on Jan 28, 2008 (gmt 0)

WebmasterWorld Administrator coopster is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Good point, jatar_k. That page is a must-read.

Is there a way to just unset all session variables?

$_SESSION = array();

Here is another related discussion that will be of interest:
How to check if the session is really destroyed [webmasterworld.com]
 

Featured Threads

Hot Threads This Week

Hot Threads This Month