Logout & request re-logon using sessions

osheriff

Hello people, a session is created when a user successfullly logs (see part of login.php) on to my site and when the user clicks on log out they are taken to the logout page (see logout.php).

           $sql = "SELECT * FROM users WHERE username='$PHP_AUTH_USER' and password='$PHP_AUTH_PW'";

           $result = mysql_query($sql);

          $num = mysql_numrows($result);

          if ($num != "0") {

session_start( );

session_register("username");

          include "startpage.php";

include "endpage.php";

logout.php
<?
session_start();
session_destroy();

// redirect to index page
header("Location:index.php");
?>
currently when the user logs on and then goes back to the log on page it doesn't request another logon, they just go straight in! How do I stop this? I want the request for logging on to come up everytime the page is loaded.

Anon

First thing you do on the login page would be to destroy any current session.

The page proceeds as before, only now - ooh, they have no session info, they need to log in.