i got tis weird ass problem with loging out

Hoangsta

is tis normal???????

I login with one browser (1)

then

I login in with the same user in a different browser (2)

If i logout of (2) and hit backspace, it will show my name in the member's page. If i click on any link within member's it will direct me to a login screen. Which is okay. i'm no longer logged in. Rember, I clicked on logout already.

Now, when i go into (1), and logout and hit backspace too. it will show my member's name. it's okay. I figure that any link clicked on this member's page is going to send me back into login. afterall, I did logout. WRONG! I can click on any member's link and it will allow me to go there. they can delete or edit anything. which is not cool. i just don't want them to be able to see the member's screen after (2) logs out. has tis happen to anyone or just me?

bastien

each browser uses its own session to manage the login state...and your session in browser 1 is not killed by the logoout as that page has alrady rendered and the links are present on the page....

what you should really be checking that the user is not logged in when a new login happens...ie the same user can't log in twice...

Hoangsta

tis is what i have for th logout

function user_logout() {
  setcookie('user_name', '', (time()+2592000), '/', '', 0);
  setcookie('id_hash', '', (time()+2592000), '/', '', 0);
  session_destroy();
}

is that good enough? I do want to only have one user log in at a time, been trying to research on that topic...everyone has a version that I can't understand too much of. do you have any references that I could read upon?

so far, i know that it's nice to have in your database, the time, the sessionid, date,

Danny2055

for the time argument in setcookie try 0 which should get rid of it altogether instead of just setting it to a blank value

Hoangsta

function user_logout() {
  setcookie('user_name', '', (time()+2592000), '/', 0, 0);
  setcookie('id_hash', '', (time()+2592000), '/', 0, 0);
  session_destroy();
}

function user_logout() {
  setcookie('user_name', '', (time()+2592000), 0, 0, 0);
  setcookie('id_hash', '', (time()+2592000), 0, 0, 0);
  session_destroy();
}

Moonglobe

neither.

function user_logout() {
  setcookie('user_name', '', 0, '/', '', 0);
  setcookie('id_hash', '', 0, '/', '', 0);
  session_destroy();
}