i'm gaving trouble with the session_unset(); function. basically its not unsetting the session for my admin page. here is the code i've used.
Login Page:
<?php
unset($_SESSION['authuser']);
?>
<html>
<head>
<title></title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<div align="center">
<form action="login2.php" method="post">
<table>
<tr>
<td>Username:</td>
<td><input type="text" id="user" name="user" class="radio"></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" id="pass" name="pass" class="radio"></td>
</tr>
<tr>
<td><input type="submit" value="Login" class="radio" name="submit" id="submit"></td>
<td><input type="reset" value="Reset" class="radio"></td>
</tr>
</table>
</form>
</div>
</body>
</html>
Login Script:
<?php
session_start();
include "adminuser.php";
$_SESSION['username'] = $_POST['user'];
$_SESSION['userpass'] = md5($_POST['pass']);
$_SESSION['authuser'] = 0;
if(($_SESSION['username'] == $User['username']) && ($_SESSION['userpass'] == $User['password'])) {
$_SESSION['authuser'] = 1;
echo "<link href=\"style.css\" rel=\"stylesheet\" type=\"text/css\"><meta http-equiv=\"Refresh\" content=\"5;url=admin.php\">
You have logged in successfully.<br>
If you are not redirected within 5 seconds please click <a href=\"admin.php\">here</a>.";
} else {
echo "<link href=\"style.css\" rel=\"stylesheet\" type=\"text/css\"><h1>Access Denied!</h1>";
exit();
}
?>
Admin Page:
<?php
session_start();
if($_SESSION['authuser']!=1){
echo "<link href=\"style.css\" rel=\"stylesheet\" type=\"text/css\"><h1>Access Denied!</h1>";
exit();
}
include "temp.php";
?>
This is where the problem starts. When i press the link to logout it goes back to the login page, but when i type in the address to the admin page it acts as though i've logged in. I've looked at this and i'm not sure whats wrong with my script.
Thanks for all and any help.
