I have do a website that use session variable to keep the information of user login like password,userid etc....
but when i test out, i found that if i login and log out to create a new user. the new user will have my old information if i din close the browser and open a new one again.
i have used session_unset(), session_destroy(). but still having the same problem.
so is session safe to keep user information or should i have a database to keep the info instead. like invision php forum does.
