Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Closing a session at logout

Posted on 2006-04-30
11
Medium Priority
?
413 Views
Last Modified: 2013-12-13
Hi i have a login script that assignes a session, in the book im using it describes a session_destroy(); and a unset($_session ); but i have tried to create a script for a log out and it just doesn't do n e thing! i have put the code for the session start variables in below. does anybody have an idear whats goin wrong i think its the fact that no arguments are passed to the end session functions but the book does not tell me what of anything to pass it.

Thanks for the help.
0
Comment
Question by:Karl01
11 Comments
 
LVL 28

Expert Comment

by:gamebits
ID: 16572662
How do you know it's not doing anything?

I mean if you are login out and then it the back button, nothing would have change on the page you would need to refresh to see if the logout worked.

Gamebits
0
 
LVL 29

Expert Comment

by:fibo
ID: 16572689
Just to be sure, you might give a try at:

unset($_SESSION); //usually in upercase...
session_destroy(); // close the session
exit; //leave the php so that the page can reload safely
0
 

Author Comment

by:Karl01
ID: 16572736
Ok i now have an error;  Warning: session_destroy() [function.session-destroy]: Trying to destroy uninitialized session in
Does this mean the session is not started correctly? also once this has run how to i get the login page to load so the user is returned to the login form?

thanks for the help.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 16

Expert Comment

by:dr_dedo
ID: 16572790
try to destroy the session only

<?php
session_start();
session_destroy();
header("Location:anywhere.php");
?>

and when using unset(), it is better to unset this session variable
unset ($_SESSION['varname']);

give it a try...
0
 
LVL 29

Expert Comment

by:fibo
ID: 16572809
Yes this says that there is no session open.
Either you did not put session_start() at the top of your script (safest place is line #2, just after  <?php...)
OR ... you updated your script and forgot to remove some previous session_destroy()

When this will be solved, I suggest you use $_SESSION=array(); instead of unset()
This makes you sure that the SESSION array is empty...
0
 
LVL 29

Accepted Solution

by:
fibo earned 2000 total points
ID: 16572857
I forgot the page redirection...
If you have NOT yet output any HTML code, then you can use the header() function as explained by dr_dedo.

In my case however, some HTML code was already output, so I cheated with the help of javascript:

session_destroy();
$redirect=<<<REDIR
<script language='javascript'>
location.href="anywhere.php";
</script>
REDIR;
echo $redirect;// will generate a javascript/ html code that changes url NOW
exit; // just in case above does not work, php script will be restared rather than resumed
0
 

Author Comment

by:Karl01
ID: 16573421
Hi i have tried the code from dr_dedo but i now get these errors show below also i have checked my login scropt and i have session_start(); session_unset() on the first two lines after the <?php. anybody got a clue whats going on?

thanks for all the help.

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\wamp\www\project\logout.php:2) in C:\wamp\www\project\logout.php on line 3

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\wamp\www\project\logout.php:2) in C:\wamp\www\project\logout.php on line 3

Warning: Cannot modify header information - headers already sent by (output started at C:\wamp\www\project\logout.php:2) in C:\wamp\www\project\logout.php on line 5
0
 
LVL 20

Expert Comment

by:Muhammad Wasif
ID: 16573618
post your logout page code.
0
 
LVL 29

Expert Comment

by:fibo
ID: 16573665
"Cannot send session cookie - headers already sent by "
This is what I said: since some html code has already been sent , you cannot use the header() redirection.
Can you try my JavaScript solution?
0
 
LVL 29

Expert Comment

by:fibo
ID: 16573685
Other info:
- unset($_SESSION) is explicitly said to be avoided, since it prevents the system to use $_SESSION
--> $_SESSION=array(); will keep the array while emptying all its values.

- check that the < from the first <?php is THE FIRST CHARACTER in your file: no space, no new line should be before this <
0
 
LVL 12

Expert Comment

by:Richard Davis
ID: 16575350
If you happen to have root access to your server's directory structure, you could run the phpinfo() function...find out where your sessions are being stored, then view the contents of one of the files (typically, by default, a session file starts with "sess_" as it's filename...do a locate sess_ to see where they are all at) to see if the variables have all been unset/removed after logging out. I store all my session files in /var/tmp, but I think that the default setting in the php.ini file is just /tmp, but I could be wrong...either way, having a look at an actual session file is a sure fire way to see what the server is doing as you try out your code or the suggestions mention by these other people offering you code to try.

Good luck :)
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
This article discusses four methods for overlaying images in a container on a web page
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to dynamically set the form action using jQuery.
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question