Strange logout problem

Anon

I've got a script.. very simple:

if($logout) :
// process logout
elseif($logged_in):
// print menu
else:
// print login screen
endif;

Now.. the menu includes a logout button.. an image wrapped in an <a> tag pointing to $PHP_SELF?logout=1

When I click the logout button, the page reloads and the URL changes to www.domain.com/file.php?logout=1 but the process logout script doesn't run. Instead the menu is loaded again. Click the logout link AGAIN and the logout works without problem.

Any clues?

/Mike

Anon

Netscape or IE? Both?

Do you have:
<meta http-equiv="pragma" content="no-cache">?

...and did you try this?

if (!isset($logged_in)):
//
elseif(isset($logged_in):
//

random thoughts after an all-nighter...

--ph

Anon

Yes, both Nutscrape and IE. I have tried the no-cache META.. no change.

/Mike

Anon

You try to debug with:

break;

echo "meaningless text"

target=\"_blank\" inside the href

??? This is a real stumper.

--ph

Anon

Okay I think I've got what is going on. The script uses sessions for the login.. so the logout script says:

if($logout):
session_destroy();
$params = session_get_cookie_params();
setcookie(session_name(), "", 0, $params["path"], $params["domain"]);
Header("Location: $PHP_SELF");
elseif.....

For some reason, the first time the page is reloaded with the Header() function, the session information is still lurking about somewhere so the logged_in variable is still set. Anyone know why this is happening? I've destroyed the session data and reset the cookie.. where's the information coming from?

/Mike

Anon

Hi,

It sems that you can't use the cookie in the http header with the redirection, you must use it with a normal page, so you can use html redirection instead using Meta tags but i don't remember how this is done now.

Anon

That's very messy.

Besides.. if I've destroyed the data associated with the session, that should include the $logged_in (or $HTTP_SESSION_VARS["logged_in"]) variable. So how come it's still registering?

/Mike