I have read the other help messages on destroying sessions. They aren't working for me. I have an oo script that i'm developing, using sessions for the first time. Here's my login script (a new user(); calls the user() function, which calls the login() function, which calls the authenticate() function. Here it is:
function user()
{
if(user::login($user, $pass))
{
echo session_id();
echo "<br /><a href=\"".$PHP_SELF."\">click</a>";
echo "<br /><a href=\"?x=user&y=logout\">logout</a>";
}
else
{
echo "<form action=\"".$PHP_SELF."?x=user&y=login\" method=\"POST\">\n";
echo "<input type=\"input\" name=\"user\" /><br />\n";
echo "<input type=\"password\" name=\"pass\" /><br />\n";
echo "<input type=\"submit\" /><br />\n";
echo "</form>";
}
}
function login($user, $pass)
{
if(user::authenticate($user, $pass))
{
session_start();
session_register(sessionData);
$link = i42::db_connect();
$result = mysql_query("SELECT ".user::tableData("level")." FROM ".user::table()." WHERE ".user::tableData("user")."='$user'");
$this->sessionData["user"] = "$user";
while($row = mysql_fetch_array($result))
{
$this->sessionData["level"] = $row["user::tableData('level')"];
$this->sessionData["name"] = $row["user::tableData('realname')"];
}
mysql_close($link);
return true;
}
else
return false;
}
function authenticate($user, $pass)
{
$link = i42::db_connect();
$result = mysql_query("SELECT ".user::tableData("user").", ".user::tableData("password")." FROM ".user::table()." WHERE ".user::tableData("user")."='".$user."' AND ".user::tableData("password")."='".$pass."'");
mysql_close($link);
if($result)
return true;
else
return false;
}
Now, following the advice given on the other help threads, the following logout code (in the user class) should work:
function logout()
{
session_start();
session_unset();
$_SESSION = array();
session_destroy();
echo "<br /><br />Thank you for using Index42!";
}
It doesn't destroy the session. Can anyone explain why?
