Closing a session at logout

Posted on 2006-04-30
Last Modified: 2013-12-13
Hi i have a login script that assignes a session, in the book im using it describes a session_destroy(); and a unset($_session ); but i have tried to create a script for a log out and it just doesn't do n e thing! i have put the code for the session start variables in below. does anybody have an idear whats goin wrong i think its the fact that no arguments are passed to the end session functions but the book does not tell me what of anything to pass it.

Thanks for the help.
Question by:Karl01
    LVL 28

    Expert Comment

    How do you know it's not doing anything?

    I mean if you are login out and then it the back button, nothing would have change on the page you would need to refresh to see if the logout worked.

    LVL 29

    Expert Comment

    Just to be sure, you might give a try at:

    unset($_SESSION); //usually in upercase...
    session_destroy(); // close the session
    exit; //leave the php so that the page can reload safely

    Author Comment

    Ok i now have an error;  Warning: session_destroy() [function.session-destroy]: Trying to destroy uninitialized session in
    Does this mean the session is not started correctly? also once this has run how to i get the login page to load so the user is returned to the login form?

    thanks for the help.
    LVL 16

    Expert Comment

    try to destroy the session only


    and when using unset(), it is better to unset this session variable
    unset ($_SESSION['varname']);

    give it a try...
    LVL 29

    Expert Comment

    Yes this says that there is no session open.
    Either you did not put session_start() at the top of your script (safest place is line #2, just after  <?php...)
    OR ... you updated your script and forgot to remove some previous session_destroy()

    When this will be solved, I suggest you use $_SESSION=array(); instead of unset()
    This makes you sure that the SESSION array is empty...
    LVL 29

    Accepted Solution

    I forgot the page redirection...
    If you have NOT yet output any HTML code, then you can use the header() function as explained by dr_dedo.

    In my case however, some HTML code was already output, so I cheated with the help of javascript:

    <script language='javascript'>
    echo $redirect;// will generate a javascript/ html code that changes url NOW
    exit; // just in case above does not work, php script will be restared rather than resumed

    Author Comment

    Hi i have tried the code from dr_dedo but i now get these errors show below also i have checked my login scropt and i have session_start(); session_unset() on the first two lines after the <?php. anybody got a clue whats going on?

    thanks for all the help.

    Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\wamp\www\project\logout.php:2) in C:\wamp\www\project\logout.php on line 3

    Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\wamp\www\project\logout.php:2) in C:\wamp\www\project\logout.php on line 3

    Warning: Cannot modify header information - headers already sent by (output started at C:\wamp\www\project\logout.php:2) in C:\wamp\www\project\logout.php on line 5
    LVL 20

    Expert Comment

    by:Muhammad Wasif
    post your logout page code.
    LVL 29

    Expert Comment

    "Cannot send session cookie - headers already sent by "
    This is what I said: since some html code has already been sent , you cannot use the header() redirection.
    Can you try my JavaScript solution?
    LVL 29

    Expert Comment

    Other info:
    - unset($_SESSION) is explicitly said to be avoided, since it prevents the system to use $_SESSION
    --> $_SESSION=array(); will keep the array while emptying all its values.

    - check that the < from the first <?php is THE FIRST CHARACTER in your file: no space, no new line should be before this <
    LVL 12

    Expert Comment

    If you happen to have root access to your server's directory structure, you could run the phpinfo() function...find out where your sessions are being stored, then view the contents of one of the files (typically, by default, a session file starts with "sess_" as it's a locate sess_ to see where they are all at) to see if the variables have all been unset/removed after logging out. I store all my session files in /var/tmp, but I think that the default setting in the php.ini file is just /tmp, but I could be wrong...either way, having a look at an actual session file is a sure fire way to see what the server is doing as you try out your code or the suggestions mention by these other people offering you code to try.

    Good luck :)

    Featured Post

    How to improve team productivity

    Quip adds documents, spreadsheets, and tasklists to your Slack experience
    - Elevate ideas to Quip docs
    - Share Quip docs in Slack
    - Get notified of changes to your docs
    - Available on iOS/Android/Desktop/Web
    - Online/Offline

    Join & Write a Comment

    Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit ( and similar technologies have enjoyed wide adoption, making it possib…
    I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
    Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
    This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now