logging out

chuender

I am using the following code which executes when ‘log out’ link is clicked:

<?php

unset($SESSION['company_id']);
unset($SESSION['company_type']);
unset($SESSION['username']);
unset($SESSION['password']);

$attributes["company_id"] = '';
$attributes["company_type"] = '';
$attributes["username"] = '';
$attributes["password"] = '';

// kill session variables

$_SESSION = array(); // reset session array
session_destroy(); // destroy session.
header('Location: index.php?method=logiMain.default');
?>

However, after the login screen is display and I click back on the browser, the session variables still exist.

Please help.

Weedpacket

Did you remember to start the session?

chuender

yes. the session variables are created on login and i use session_start() on every pages to maintain the session.

mrhappiness

so the code you posted is not the complete code you used?

chuender

no, it's only the logout code.

i use session_start(); on all other pages.

not sure whether this is the right fix, but i have to expire the PHPSESSID cookie by adding the following code to the above logout script:

setcookie ("PHPSESSID", "", time() - 3600);

i want to get away from using cookies, and tried by setting the following in php.ini

session.use_cookies = 1

but then my script stopped working, with none of the session variables set. what is the right way to set and delete session variables while not using cookies?

mrhappiness

Originally posted by chuender
no, it's only the logout code.

i use session_start(); on all other pages.

so you use session_destroy without telling php wich session to destroy?

you have to call session_start before calling session_destroy and/or changing $_SESSION

chuender

i added session_start(); to my logout script and that did the trick, even though the session was started before.

so how come i need to use session_start(); multipe times during a session? it seems if i don't then i would loose my sessino variables.

in addition, what is the best way to get sessions to work without cookies?

thanks for your help.